CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

UbuntuCve•added 2007/06/11 6:30 p.m.•22 views

CVE-2007-3142

Visual truncation vulnerability in Opera 9.21 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after 34 characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

5.8CVSS5.9AI score0.00749EPSS

Exploits1References1

NVD•added 2007/06/11 6:30 p.m.•13 views

CVE-2007-3145

Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

5.8CVSS6.6AI score0.00679EPSS

Prion•added 2007/06/11 6:30 p.m.•9 views

Design/Logic Flaw

5.8CVSS7.1AI score0.00679EPSS

NVD•added 2007/06/11 6:30 p.m.•17 views

CVE-2007-3142

5.8CVSS6.5AI score0.00749EPSS

Exploits1References8

Cvelist•added 2007/06/11 6:0 p.m.•15 views

CVE-2007-3144

6.6AI score0.00714EPSS

Cvelist•added 2007/06/11 6:0 p.m.•26 views

CVE-2007-3143

Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...

6.6AI score0.0045EPSS

Cvelist•added 2007/06/11 6:0 p.m.•21 views

CVE-2007-3142

6.4AI score0.00749EPSS

Exploits1References8

CVE•added 2007/06/11 6:0 p.m.•56 views

CVE-2007-3143

CVE-2007-3143 affects Konqueror 3.5.5. The issue is a visual truncation vulnerability in the address bar: when a long hostname is shown, it is truncated, which can allow remote attackers to spoof the URL and potentially conduct phishing attacks (notably demonstrated via HTTP Basic Authentication)...

6.4CVSS6.6AI score0.0045EPSS

CVE•added 2007/06/11 6:0 p.m.•44 views

CVE-2007-3145

CVE-2007-3145 affects Galeon 2.0.1 and is described as a visual truncation vulnerability in which a long hostname can be truncated, allowing remote attackers to spoof the address bar and potentially conduct phishing attacks (demonstrated with HTTP Basic Authentication). The consolidated records i...

5.8CVSS6.6AI score0.00679EPSS

Cvelist•added 2007/06/11 6:0 p.m.•15 views

CVE-2007-3145

6.6AI score0.00679EPSS

Saint•added 2007/04/25 12:0 a.m.•26 views

Novell GroupWise WebAccess base64_decode buffer overflow

Added: 04/25/2007 CVE: CVE-2007-2171 BID: 23556 OSVDB: 35018 Background Novell GroupWise includes a WebAccess service which allows users to access their e-mail using a web browser. Problem A buffer overflow in the base64decode function allows remote attackers to execute arbitrary commands by...

10CVSS7.9AI score0.36221EPSS

Saint•added 2007/04/25 12:0 a.m.•30 views

Novell GroupWise WebAccess base64_decode buffer overflow

10CVSS7.9AI score0.36221EPSS

NVD•added 2007/04/24 8:19 p.m.•16 views

CVE-2007-2171

Stack-based buffer overflow in the base64decode function in GWINTER.exe in Novell GroupWise GW WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request...

10CVSS8AI score0.36221EPSS

Exploits5References9

CVE•added 2007/04/24 8:0 p.m.•54 views

CVE-2007-2171

Summary: CVE-2007-2171 is a stack-based overflow in the base64_decode function of Novell GroupWise WebAccess, specifically in GWINTER.exe, exploited via overly long Base64 content in an HTTP Basic Authentication request. Affected product/component: Novell GroupWise WebAccess (GWINTER.exe) prior t...

10CVSS7.8AI score0.36221EPSS

Exploits5References9Affected Software1

Cvelist•added 2007/04/24 8:0 p.m.•23 views

CVE-2007-2171

7.9AI score0.36221EPSS

Exploits5References9

Tenable Nessus•added 2007/04/23 12:0 a.m.•41 views

Novell Groupwise WebAccess GWINTER.EXE Base64 Decoding Remote Overflow

The remote host is running a version of GroupWise WebAccess from Novell that is vulnerable to a stack overflow in the way it handles HTTP Basic Authentication. By sending a specially crafted request, an attacker can exploit this flaw to execute code on the remote host with administrative...

10CVSS6AI score0.36221EPSS

Exploits5References3

securityvulns•added 2007/04/20 12:0 a.m.•62 views

ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability

ZDI-07-015: Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-015.html April 18, 2007 -- CVE ID: CVE-2007-2171 -- Affected Vendor: Novell -- Affected Products: Groupwise WebAccess -- TippingPointTM IPS Customer Protection:...

10CVSS0.1AI score0.36221EPSS

Saint•added 2007/03/16 12:0 a.m.•24 views

NetMail WebAdmin username buffer overflow

Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...

6.8CVSS7.8AI score0.81253EPSS

Saint•added 2007/03/16 12:0 a.m.•32 views

NetMail WebAdmin username buffer overflow

6.8CVSS7.8AI score0.81253EPSS