6240 matches found
URL spoof in address bar
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property...
CVE-2007-5198
Buffer overflow in the redir function in checkhttp.c in Nagios Plugins before 1.4.10, when running with the -f follow option, allows remote web servers to execute arbitrary code via Location header responses redirects with a large number of leading "L" characters...
Buffer overflow
Buffer overflow in the redir function in checkhttp.c in Nagios Plugins before 1.4.10, when running with the -f follow option, allows remote web servers to execute arbitrary code via Location header responses redirects with a large number of leading "L" characters...
CVE-2007-5198
Buffer overflow in the redir function in checkhttp.c in Nagios Plugins before 1.4.10, when running with the -f follow option, allows remote web servers to execute arbitrary code via Location header responses redirects with a large number of leading "L" characters...
Memory corruption
libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service crash via a nudge message that triggers an access of "an invalid memory location."...
CVE-2007-4996
libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service crash via a nudge message that triggers an access of "an invalid memory location."...
Tor < 0.1.2.16 - ControlPort Remote Rewrite
t.bat which will run calc.exe on next boot. This is not very silent though, t.bat will contain something like 45 rows of crap which the user will see in about 1 sec, drop me a mail if you have a better way. Either have a TOR user visit this HTML or inject it into her traffic when you're a TOR exi...
nagios-plugins -- Long Location Header Buffer Overflow Vulnerability
A Secunia Advisory reports: The vulnerability is caused due to a boundary error within the redir function in checkhttp.c when processing HTTP Location: header information. This can be exploited to cause a buffer overflow by returning an overly long string in the "Location:" header to a vulnerable...
CVE-2007-4812
CVE-2007-4812 affects Apple Safari 3.0.3 (522.15.5) and earlier builds up to Beta Update 3.0.4. The vulnerability is a buffer overflow triggered by setting document.location.hash to an excessively long string, allowing remote attackers to cause a crash (DoS) and possibly other unspecified effects...
DEBIAN-CVE-2007-4337
Multiple buffer overflows in the httplibparsescheader function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long 1 Location and 2 Server HTTP headers, a different vulnerability than CVE-2006-3124...
CVE-2007-4337
Multiple buffer overflows in the httplibparsescheader function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long 1 Location and 2 Server HTTP headers, a different vulnerability than CVE-2006-3124...
CVE-2007-4196
icat in Brian Carrier The Sleuth Kit TSK before 2.09 misinterprets a certain memory location as the holder of a loop iteration count, which allows user-assisted remote attackers to cause a denial of service long loop and prevent examination of certain NTFS files via a malformed NTFS image...
CVE-2007-4196
icat in Brian Carrier The Sleuth Kit TSK before 2.09 misinterprets a certain memory location as the holder of a loop iteration count, which allows user-assisted remote attackers to cause a denial of service long loop and prevent examination of certain NTFS files via a malformed NTFS image...
CVE-2007-4196
The vulnerability CVE-2007-4196 affects icat in The Sleuth Kit (TSK) prior to 2.09. The flaw arises when icat misinterprets a memory location as the loop iteration counter, enabling user-assisted remote attackers to trigger a long loop DoS and to hinder examination of certain NTFS files via a mal...
Prozilla Pub Site Directory - 'Directory.php?cat' SQL Injection
--==+================================================================================+==-- --==+ Prozilla Pub Site Directory SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE: prozilla.com DORK...
Cross site request forgery (csrf)
request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service daemon crash by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault...
CVE-2007-3947
request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service daemon crash by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault...
Opera/Konqueror URL spoofing
By using data: URL it's possible to spoof page location...
Cross site scripting
Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute to a file:// location, ...
Code injection
Microsoft Internet Explorer 6 allows remote attackers to spoof the URL bar, and page properties including SSL certificates, by interrupting page loading through certain use of location DOM objects and setTimeout calls. NOTE: this issue can be leveraged for phishing and other attacks...