9 matches found
DEBIAN-CVE-2025-46646
In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954...
Validation Bypass
Mozilla Firefox is vulnerable to validation bypass. It does not properly handle overlong UTF-8 encoding, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted string, a different vulnerability than CVE-2010-1210...
Airlock WAF 4.2.4 Overlong UTF-8 Sequence Bypass
Exploit for multiple platform in category dos / poc title: Airlock WAF overlong UTF-8 sequence bypass product: Airlock vulnerable version: = 4.2.4 without hotfix HF4213 fixed version: 4.2.5 impact: critical homepage: http://www.ergon.ch/ found: 2012-04-05 by: G. Wagner SEC Consult Vulnerability L...
Airlock WAF 4.2.4 - Overlong UTF-8 Sequence Bypass
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Airlock WAF overlong UTF-8 sequence bypass product: Airlock vulnerable version: = 4.2.4 without hotfix HF4213 fixed version: 4.2.5 impact: critical homepage:...
Airlock WAF 4.2.4 - Overlong UTF-8 Sequence Bypass
Airlock WAF 4.2.4 - Overlong UTF-8 Sequence Bypass SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Airlock WAF overlong UTF-8 sequence bypass product: Airlock vulnerable version: = 4.2.4 without hotfix HF4213 fixed...
CVE-2009-5016
Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP before 5.2.11 makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string that uses overlong UTF-8 encoding, a different vulnerability than CVE-2010-3870...
CVE-2009-5017
Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong UTF-8 encoding, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted string, a different vulnerability than CVE-2010-1210...
Firefox: overlong UTF-8 sequence detection problem
Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong UTF-8 encoding, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted string, a different vulnerability than CVE-2010-1210...
CVE-2004-2579
ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences represented with "overlong UTF-8 encoding."...