10 matches found
CVE-2026-8162
[email protected] and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename parameter contains a malformed percent-encoding, the parser invokes decodeURI on the value without try/catch. T...
EUVD-2026-29441
multiparty vulnerable to Denial of Service via Uncaught Exception in filename parameter parsing...
Linux Distros Unpatched Vulnerability : CVE-2026-8162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - [email protected] and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a...
CVE-2026-8162
[email protected] and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename parameter contains a malformed percent-encoding, the parser invokes decodeURI on the value without try/catch. T...
Winace 2.2 Malformed Filename Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33049/info Winace is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash Windows Explorer, denying service to legitimate users. Given the nature of this issue, attackers may also be able ...
Winace 2.2 - Malformed Filename Remote Denial of Service
Winace 2.2 - Malformed Filename Remote Denial of Service source: https://www.securityfocus.com/bid/33049/info Winace is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash Windows Explorer, denying service to legitimate users. Given the nature of this issue,...
Update Protection against Tftpd32 Request Error Message Format String Vulnerability
Tftpd32 is a freeware TFTP server designed for Microsoft Windows operating systems. A vulnerability has been identified in Tftpd32, specifically in the processing of Get requests containing a malformed filename. An attacker capable of sending a specially crafted filename can cause a vulnerable...
Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (5)
source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...
Microsoft IIS 4.05.0 - Malformed Filename Request
Microsoft IIS 4.05.0 - Malformed Filename Request source: https://www.securityfocus.com/bid/1193/info Requesting a known filename with the extension replaced with .htr preceeded by approximately 230 "%20" which is an escaped character that represents a space from Microsoft IIS 4.0/5.0 will cause...
Microsoft IIS 4.0/5.0 - Malformed Filename Request
source: https://www.securityfocus.com/bid/1193/info Requesting a known filename with the extension replaced with .htr preceeded by approximately 230 "%20" which is an escaped character that represents a space from Microsoft IIS 4.0/5.0 will cause the server to retrieve the file and its contents...