4404 matches found
UBUNTU-CVE-2014-2892
Heap-based buffer overflow in the getanswer function in mmsh.c in libmms before 0.6.4 allows remote attackers to execute arbitrary code via a long line in an MMS over HTTP MMSH server response...
SSL/TLS CRIME attack against HTTPS
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differenc...
wireshark: DoS (infinite loop) in the HTTP dissector (wnpa-sec-2013-39)
The httppayloadsubdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service stack consumption via a...
OpenPNE vulnerable to PHP Object Injection
Overview OpenPNE contains an issue in processing Cookie headers, which may result in a PHP Object Injection vulnerability. Egidio Romano of Secunia reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A remote,...
OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous...
apache-cxf: Bypass of security constraints on WS endpoints when using WSS4JInInterceptor
The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...
CVE-2013-0095
Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for Mac 2011 before 14.3.2 allows remote attackers to trigger access to a remote URL and consequently confirm the rendering of an HTML e-mail message by including unspecified HTML5 elements and leveraging the installation of a WebK...
SSL/TLS CRIME attack against HTTPS
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differenc...
Mozilla: Phishing on HTTPS connection through malicious proxy (MFSA 2013-27)
Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow man-in-the-middle attackers to spoof the address bar by operating a proxy server that provides a 407 HTTP status code accompanied by web...
DEBIAN-CVE-2012-5976
Multiple stack consumption vulnerabilities in Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk Digiumphones 10.x-digiumphones before 10.11.1-digiumphones allow remote attackers to cause a denial o...
DEBIAN-CVE-2012-4545
The httpnegotiatecreatecontext function in protocol/http/httpnegotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials...
CVE-2011-5235
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link...
Sql injection
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link...
RSSOwl vulnerable to arbitrary script execution
Overview RSSOwl is vulnerable to arbitrary script execution. RSSOwl is an RSS/Atom feed reader. RSSOwl is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information. Daiki Fukumori of Cyber Defense Institute, Inc. reported this...
UBUNTU-CVE-2012-0647
WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header...
UBUNTU-CVE-2011-3022
translate/translatemanager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network...
tomcat: Multiple weaknesses in HTTP DIGEST authentication
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the...
php: hash table collisions CPU usage DoS (oCERT-2011-003)
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...
DEBIAN-CVE-2011-3639
The modproxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to...
HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...