5907 matches found
Code injection
Opera before 12.12 allows remote attackers to spoof the address field via a high rate of HTTP requests...
CVE-2012-6471
Opera before 12.12 allows remote attackers to spoof the address field via a high rate of HTTP requests...
XXE
IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity...
CVE-2012-5970
The Huawei E585 device allows remote attackers to cause a denial of service (NULL pointer dereference and device outage) via crafted HTTP requests, as demonstrated by unspecified vulnerability-scanning software...
Null pointer dereference
The Huawei E585 device allows remote attackers to cause a denial of service (NULL pointer dereference and device outage) via crafted HTTP requests, as demonstrated by unspecified vulnerability-scanning software...
CVE-2012-5970
CVE-2012-5970 affects the Huawei E585 pocket wifi 2 device. The vulnerability is a NULL pointer dereference in the HTTP handling code triggered by crafted requests, leading to a denial of service and device outage. Public documents describe this as part of a set of vulnerabilities in the same dev...
[SECURITY] Fedora 17 Update: perl-CGI-3.52-218.fc17
CGI.pm is a stable, complete and mature solution for processing and preparing HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string generation and manipulation, and processing and preparing HTTP headers. Some...
[SECURITY] Fedora 18 Update: perl-CGI-3.59-235.fc18
CGI.pm is a stable, complete and mature solution for processing and preparing HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string generation and manipulation, and processing and preparing HTTP headers. Some...
CVE-2012-5568
Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris...
Design/Logic Flaw
Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris...
CVE-2012-5568
CVE-2012-5568 affects Apache Tomcat 7.0.x and enables a remote denial of service via Slowloris-style partial HTTP requests. The vulnerability allows an attacker to keep connections open and exhaust resources, with a CVSS v2 base score of 5.0 in the initial metric (note: other sources list base sc...
CVE-2012-5568
Removed by vendor...
[SECURITY] Fedora 17 Update: perl-CGI-3.51-7.fc17
CGI.pm is a stable, complete and mature solution for processing and preparing HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string generation and manipulation, and processing and preparing HTTP headers. Some...
[SECURITY] Fedora 18 Update: perl-CGI-3.51-10.fc18
CGI.pm is a stable, complete and mature solution for processing and preparing HTTP requests and responses. Major features including processing form submissions, file uploads, reading and writing cookies, query string generation and manipulation, and processing and preparing HTTP headers. Some...
[Cookie Cadger] v.0.9
An auditing tool for Wi-Fi or wired Ethernet connections Cookie Cadger helps identify information leakage from applications that utilize insecure HTTP GET requests. Cookie Cadger works on Windows, Linux, or Mac, and requires Java 7. Using Cookie Cadger requires having “tshark” – a utility which i...
[Burp Suite] Free Edition v1.5
Burp Suite helps you secure your web applications by finding the vulnerabilities they contain. Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking ...
ManageEngine DeviceExpert 5.6 ScheduleResultViewer FileName Traversal
This module exploits a directory traversal vulnerability found in ManageEngine DeviceExpert's ScheduleResultViewer Servlet. This is done by using "..\..\..\..\..\..\..\..\..\.." in the path in order to retrieve a file on a vulnerable machine. Please note that the SSL option is required in...
TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities
High-Tech Bridge Security Research Lab has discovered 2 remote DoS vulnerabilities in TVMOBiLi Media server, which could be exploited to crash remote server with malicious HTTP requests. 1 Improper Handling of Length Parameter Inconsistency in TVMOBiLi: CVE-2012-5451 1.1 The vulnerability exists...