116 matches found
Opera Web Script Execution Vulnerabilities - June09 (Windows)
This host has Opera browser installed and is prone to Web Script Execution vulnerabilities. OpenVAS Vulnerability Test $Id: secpodoperawebscriptexecvulnjun09win.nasl 5122 2017-01-27 12:16:00Z teissa $ Opera Web Script Execution Vulnerabilities - June09 Windows Authors: Sharath S Copyright:...
CVE-2009-2065
Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that...
CVE-2009-2065
Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that...
Design/Logic Flaw
Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that...
Design/Logic Flaw
Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related...
CVE-2009-2066
Apple Safari detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site,...
CVE-2009-2068
Removed by vendor...
CVE-2008-5284
The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other versions before 5.1.44, Emerald 5.0.49 and other versions before 5.0.52, Air Marshal 2.0.4 and other versions before 2.0.8, and Radius test client aka Radlogin 4.0.20 and earlier, allows remote attackers to cause a denial of...
CVE-2008-4325
lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the HTTP request for the Content-Type header in the HTTP response, which allows remote attackers to cause content to be misinterpreted by the browser via a content-type parameter that is inconsistent with the requested object. NOTE:...
GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability
GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability Date & Version : 04/14/2007 - 1.0 Description : Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious content to bypass HTTP content...
CVE-2006-2023
Integer overflow in the RTSPmsglen function in rtsp/RTSPmsglen.c in Fenice 1.10 and earlier allows remote attackers to cause a denial of service application crash via a large HTTP Content-Length value, which leads to an invalid memory access...
Integer overflow
Integer overflow in the RTSPmsglen function in rtsp/RTSPmsglen.c in Fenice 1.10 and earlier allows remote attackers to cause a denial of service application crash via a large HTTP Content-Length value, which leads to an invalid memory access...
[VulnWatch] iDefense Security Advisory 01.23.06: Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow Vulnerability
Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow Vulnerability iDefense Security Advisory 01.23.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376 January 23, 2006 I. BACKGROUND iTechnology is an integration technology which provides standard...
Moderate: Red Hat Security Advisory: thunderbird security update
An updated Thunderbird package that fixes a security issue is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Thunderbird is a standalone mail and newsgroup client. A bug was found in the way...
Mail responds to cookie requests — Mozilla
Mozilla mail clients from March to December 2004 responded to cookie requests accompanying content loaded over HTTP, ignoring the setting of the preference "network.cookie.disableCookieForMailNews" disabled cookies are the default in mail...
CVE-2003-1036
Multiple buffer overflows in the AGate component for SAP Internet Transaction Server ITS allow remote attackers to execute arbitrary code via long 1 command, 2 runtimemode, or 3 session parameters, or 4 a long HTTP Content-Type header...