24 matches found
CVE-2004-0456
Removed by vendor...
Pavuk HTTP Location header overflow
When pavuk sends a request to a web server and the server sends back the HTTP status code 305 Use Proxy, pavuk copies data from the HTTP Location header in an unsafe manner. This leads to a stack-based buffer overflow with control over EIP...
CVE-2003-1420
Cross-site scripting XSS vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header...
Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP Location header
Overview A buffer overflow vulnerability exists in the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle9i Application Server iAS. This vulnerability could allow an unauthenticated remote attacker to cause a denial of service or execute arbitrary code on the system...