12 matches found
CVE-2010-0360
Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap...
EUVD-2004-2312
Malware in sbrugna...
Trojan-Proxy.Win32.Delf.ai Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/1dd6eb39a388f4c8a3eaf248d86aaabc.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Delf.ai Vulnerability: Remote SEH Buffer Overflow Description: The malware listen...
CVE-2004-2320
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing XST attacks in applications that are...
Design/Logic Flaw
Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap...
CVE-2010-0360
Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap...
CVE-2010-0360
The Sun Java System Web Server 7.0 Update 7 contains a heap-based memory overflow in the HTTP TRACE path. Specifically, a malformed TRACE request with a long URI and many empty headers can cause heap corruption and expose memory contents, enabling remote attackers to overwrite and read heap memor...
CVE-2010-0360
Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap...
CVE-2004-2763
The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing XST attacks in applications that are vulnerable to cross-site scripting...
CVE-2004-2763
The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing XST attacks in applications that are vulnerable to cross-site scripting...
CVE-2004-2320
Technical details for CVE-2004-2320 are not publicly available in the provided documents. Monitor for updates from official advisories.
CVE-2004-2320
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing XST attacks in applications that are...