Lucene search
K

116 matches found

OpenVAS
OpenVAS
added 2009/06/17 12:0 a.m.27 views

Opera Web Script Execution Vulnerabilities - June09 (Windows)

This host has Opera browser installed and is prone to Web Script Execution vulnerabilities. OpenVAS Vulnerability Test $Id: secpodoperawebscriptexecvulnjun09win.nasl 5122 2017-01-27 12:16:00Z teissa $ Opera Web Script Execution Vulnerabilities - June09 Windows Authors: Sharath S Copyright:...

6.8CVSS0.1AI score0.01369EPSS
Exploits1References2
NVD
NVD
added 2009/06/15 7:30 p.m.27 views

CVE-2009-2065

Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that...

6.8CVSS7.6AI score0.00851EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2009/06/15 7:30 p.m.69 views

CVE-2009-2065

Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that...

6.8CVSS6.1AI score0.00851EPSS
Exploits1References1
Prion
Prion
added 2009/06/15 7:30 p.m.18 views

Design/Logic Flaw

Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that...

6.8CVSS7.4AI score0.00851EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2009/06/15 7:30 p.m.17 views

Design/Logic Flaw

Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related...

6.8CVSS7.3AI score0.01369EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/06/15 7:0 p.m.35 views

CVE-2009-2066

Apple Safari detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site,...

6.5AI score0.00999EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2009/06/15 7:0 p.m.22 views

CVE-2009-2068

Removed by vendor...

5.8CVSS7AI score0.01242EPSS
Exploits0
Cvelist
Cvelist
added 2008/11/29 2:0 a.m.22 views

CVE-2008-5284

The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other versions before 5.1.44, Emerald 5.0.49 and other versions before 5.0.52, Air Marshal 2.0.4 and other versions before 2.0.8, and Radius test client aka Radlogin 4.0.20 and earlier, allows remote attackers to cause a denial of...

6.7AI score0.04435EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2008/09/30 4:13 p.m.17 views

CVE-2008-4325

lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the HTTP request for the Content-Type header in the HTTP response, which allows remote attackers to cause content to be misinterpreted by the browser via a content-type parameter that is inconsistent with the requested object. NOTE:...

5.8CVSS5.8AI score0.01447EPSS
Exploits0References1
securityvulns
securityvulns
added 2007/05/16 12:0 a.m.64 views

GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability

GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability Date & Version : 04/14/2007 - 1.0 Description : Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious content to bypass HTTP content...

Exploits0
NVD
NVD
added 2006/04/25 8:6 p.m.18 views

CVE-2006-2023

Integer overflow in the RTSPmsglen function in rtsp/RTSPmsglen.c in Fenice 1.10 and earlier allows remote attackers to cause a denial of service application crash via a large HTTP Content-Length value, which leads to an invalid memory access...

5CVSS6.8AI score0.02306EPSS
Exploits1References9
Prion
Prion
added 2006/04/25 8:6 p.m.12 views

Integer overflow

Integer overflow in the RTSPmsglen function in rtsp/RTSPmsglen.c in Fenice 1.10 and earlier allows remote attackers to cause a denial of service application crash via a large HTTP Content-Length value, which leads to an invalid memory access...

5CVSS7.1AI score0.02306EPSS
Exploits1References9Affected Software1
securityvulns
securityvulns
added 2006/01/24 12:0 a.m.41 views

[VulnWatch] iDefense Security Advisory 01.23.06: Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow Vulnerability

Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow Vulnerability iDefense Security Advisory 01.23.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376 January 23, 2006 I. BACKGROUND iTechnology is an integration technology which provides standard...

10CVSS0.4AI score0.18645EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2005/02/15 10:26 a.m.42 views

Moderate: Red Hat Security Advisory: thunderbird security update

An updated Thunderbird package that fixes a security issue is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Thunderbird is a standalone mail and newsgroup client. A bug was found in the way...

5CVSS5.6AI score0.01682EPSS
Exploits0References3
Mozilla
Mozilla
added 2005/01/21 12:0 a.m.19 views

Mail responds to cookie requests — Mozilla

Mozilla mail clients from March to December 2004 responded to cookie requests accompanying content loaded over HTTP, ignoring the setting of the preference "network.cookie.disableCookieForMailNews" disabled cookies are the default in mail...

6.9AI score
Exploits0References1Affected Software2
NVD
NVD
added 2004/04/15 4:0 a.m.18 views

CVE-2003-1036

Multiple buffer overflows in the AGate component for SAP Internet Transaction Server ITS allow remote attackers to execute arbitrary code via long 1 command, 2 runtimemode, or 3 session parameters, or 4 a long HTTP Content-Type header...

7.5CVSS7.8AI score0.02566EPSS
Exploits0References2
Rows per page
Query Builder