Lucene search

2482 matches found

NVD
added 2007/08/31 12:17 a.m. | 10 views

CVE-2007-4618

Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 and 7.0 Gold through SP7 allows remote attackers to cause a denial of service (disk consumption) via certain malformed HTTP headers...

7.8 CVSS | 6.6 AI score | 0.02069 EPSS
Exploits: 0 | References: 6

Cvelist
added 2007/08/31 12:0 a.m. | 16 views

CVE-2007-4618

Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 and 7.0 Gold through SP7 allows remote attackers to cause a denial of service (disk consumption) via certain malformed HTTP headers...

6.6 AI score | 0.02069 EPSS
Exploits: 0 | References: 6

OSV
added 2007/08/29 12:0 a.m. | 29 views

DSA-1362-1 lighttpd - several vulnerabilities

Bulletin has no description...

8.3 CVSS | 6 AI score | 0.20872 EPSS
Exploits: 3

Packet Storm
added 2007/08/24 12:0 a.m. | 25 views

olatedownload-sql.txt

-Summary- Software: Olate Download Sowtwares Web Site: http://www.olate.co.uk/ Versions: 3.4.2 Class: Remote Status: Unpatched Exploit: Available Solution: Not Available Discovered by: imei addmimistrator Risk Level: Middel Description Olate download is prone to SQL injection in download.php file...

7.4 AI score
Exploits: 0

Tenable Nessus
added 2007/08/21 12:0 a.m. | 34 views

GLSA-200708-11 : Lighttpd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200708-11 (Lighttpd: Multiple vulnerabilities). Stefan Esser discovered errors with evidence of memory corruption in the code parsing the headers. Several independent researchers also reported errors involving the handling of HTTP...

8.3 CVSS | 6.2 AI score | 0.20872 EPSS
Exploits: 2 | References: 6

securityvulns
added 2007/08/16 12:0 a.m. | 27 views

Streamripper stream to MP3 ripper buffer overflow

Multiple buffer overflow on HTTP headers parsing...

5.8 CVSS | 2.6 AI score | 0.03386 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2007/08/14 6:17 p.m. | 14 views

CVE-2007-4337

Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124...

5.8 CVSS | 7.5 AI score | 0.03386 EPSS
Exploits: 0 | References: 13

OSV
added 2007/08/14 6:17 p.m. | 6 views

CVE-2007-4337

Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124...

7.5 AI score
Exploits: 0 | References: 13

Prion
added 2007/08/14 6:17 p.m. | 12 views

Buffer overflow

Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124...

5.8 CVSS | 7.8 AI score | 0.3946 EPSS
Exploits: 0 | References: 13 | Affected Software: 1

UbuntuCve
added 2007/08/14 6:17 p.m. | 20 views

CVE-2007-4337

Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124...

5.8 CVSS | 6.2 AI score | 0.03386 EPSS
Exploits: 0 | References: 1

CVE
added 2007/08/14 6:0 p.m. | 59 views

CVE-2007-4337

CVE-2007-4337 describes multiple buffer overflows in Streamripper’s httplib_parse_sc_header() in lib/http.c, allowing remote code execution via crafted long HTTP headers (Location and Server). Affected software: Streamripper prior to version 1.62.2. Root cause: buffer overflows in header parsing....

5.8 CVSS | 7.4 AI score | 0.03386 EPSS
Exploits: 0 | References: 13 | Affected Software: 1

Prion
added 2007/08/08 1:17 a.m. | 13 views

Crlf injection

CRLF injection vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to inject arbitrary HTTP headers and probably conduct HTTP response splitting attacks via CRLF sequences in the url parameter. NOTE: this can be leveraged for cross-site scripting (XSS) attacks. NOTE: some of...

4.3 CVSS | 6.1 AI score | 0.00019 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Prion
added 2007/08/03 10:17 a.m. | 14 views

Crlf injection

CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 before 20070731 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in an unspecified context. NOTE: this can be leveraged for cross-site scripting XS...

5 CVSS | 5.7 AI score | 0.00574 EPSS
Exploits: 1 | References: 7 | Affected Software: 2

Tenable Nessus
added 2007/08/03 12:0 a.m. | 34 views

FreeBSD : joomla -- multiple vulnerabilities (4872d9a7-4128-11dc-bdb0-0016179b2dd5)

A Secunia Advisory reports: joomla can be exploited to conduct session fixation attacks, cross-site scripting attacks or HTTP response splitting attacks. Certain unspecified input passed in com_search, com_content and mod_login is not properly sanitised before being returned to a user. This can be...

9.3 CVSS | 6 AI score | 0.00143 EPSS
Exploits: 0 | References: 6

Prion
added 2007/07/11 11:30 p.m. | 16 views

Crlf injection

CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in an unspecified parameter, as demonstrated by a Set-Cookie header...

5 CVSS | 7.5 AI score | 0.00377 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2007/07/11 11:30 p.m. | 15 views

CVE-2007-3709

CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in an unspecified parameter, as demonstrated by a Set-Cookie header...

5 CVSS | 7 AI score | 0.00377 EPSS
Exploits: 0 | References: 4

CVE
added 2007/07/11 11:0 p.m. | 46 views

CVE-2007-3709

The CVE-2007-3709 entry concerns a CRLF injection in CodeIgniter 1.5.3. The vulnerability lies in the redirect function of url_helper.php, where an unspecified parameter can be tainted to inject arbitrary HTTP headers via CRLF sequences, as demonstrated by a Set-Cookie header. Affected product/ve...

5 CVSS | 7 AI score | 0.00377 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2007/07/11 11:0 p.m. | 13 views

CVE-2007-3709

CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in an unspecified parameter, as demonstrated by a Set-Cookie header...

7 AI score | 0.00377 EPSS
Exploits: 0 | References: 4

NVD
added 2007/07/11 5:30 p.m. | 18 views

CVE-2007-3686

CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP_REFERER parameter...

7.5 CVSS | 7 AI score | 0.00877 EPSS
Exploits: 0 | References: 5

Prion
added 2007/07/11 5:30 p.m. | 12 views

Crlf injection

CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP_REFERER parameter...

7.5 CVSS | 7.5 AI score | 0.00877 EPSS
Exploits: 0 | References: 5 | Affected Software: 1