5 matches found
CVE-2009-4529
InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote attackers to obtain the source code for a web page via a trailing encoded space character in a URI, as demonstrated by /index.html%20 and /index.php%20 URIs...
CVE-2009-3646
InterVations NaviCOPA Web Server 3.01 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name...
CVE-2009-3646
InterVations NaviCOPA Web Server 3.01 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name...
Design/Logic Flaw
Unspecified vulnerability in InterVations NaviCOPA Web Server 2.01 20070323 allows remote attackers to cause a denial of service daemon crash via crafted HTTP requests, as demonstrated by long requests containing '\A' characters, probably a different issue than CVE-2006-5112 and CVE-2007-1733...
CVE-2006-5112
CVE-2006-5112 reflects a buffer overflow in the NaviCOPA Web Server 2.01 caused by handling of long HTTP GET requests, enabling remote code execution. Connected sources confirm a public proof-of-concept/exploit vector: a Metasploit module named navicopa_get_overflow (and related exploit reference...