
200 matches found

CVE
added 2007/02/07 8:0 p.m. | 52 views

CVE-2005-4827

CVE-2005-4827 affects Internet Explorer 6.0 (and possibly other versions). It describes a bypass of the same-origin policy by calling open on an XMLHttpRequest object (Microsoft.XMLHTTP) with a method name containing tab, newline, or carriage return characters, a pattern some proxies convert to s...

7.5 CVSS | 7.3 AI score | 0.1076 EPSS
Exploits 1 | References 4 | Affected Software 3
Fedora
added 2007/01/10 3:57 p.m. | 29 views

[SECURITY] Fedora Core 5 Update: wget-1.10.2-3.3.fc5

GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you are logged out, recursive retrieval of directories, file name wildcard matching, remote file timestamp storage and comparison, use of Rest wit...

5 CVSS | 0.8 AI score | 0.03944 EPSS
Exploits 1
RedHat Linux
added 2006/08/02 6:39 p.m. | 5 views

security flaw

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces...

2.6 CVSS | 7.4 AI score | 0.01766 EPSS
Exploits 0 | References 4
RedHat Linux
added 2006/07/29 12:16 a.m. | 6 views

security flaw

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces...

2.6 CVSS | 7.4 AI score | 0.01766 EPSS
Exploits 0 | References 4
RedHat Linux
added 2006/07/20 1:41 p.m. | 3 views

security flaw

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces...

2.6 CVSS | 5.8 AI score | 0.01766 EPSS
Exploits 0 | References 4
UbuntuCve
added 2006/07/07 12:5 a.m. | 29 views

CVE-2006-3412

Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intended access restrictions for dirservers, direct connections, or proxy servers...

6.4 CVSS | 5.9 AI score | 0.02144 EPSS
Exploits 0 | References 1
OSV
added 2006/07/07 12:5 a.m. | 1 views

DEBIAN-CVE-2006-3412

Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intended access restrictions for dirservers, direct connections, or proxy servers...

6.4 CVSS | 7 AI score | 0.02144 EPSS
Exploits 0 | References 1
myhack58
added 2006/06/11 12:0 a.m. | 11 views

The network administrator and the attacker is a good helper for Wget using the detailed explanation-vulnerability warning-the black bar safety net

For a experience is not very rich attacker, worked extremely hard to get to the system management rights or the Telnet permissions later, often had to face such embarrassing scene: pour permissions what is the use For a system administrator, often to for system download some patch software or...

7.1 AI score
Exploits 0
Prion
added 2006/06/02 8:2 p.m. | 20 views

Design/Logic Flaw

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces...

2.6 CVSS | 6.4 AI score | 0.01766 EPSS
Exploits 0 | References 47 | Affected Software 2
NVD
added 2006/06/02 8:2 p.m. | 19 views

CVE-2006-2786

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces...

2.6 CVSS | 6.2 AI score | 0.01766 EPSS
Exploits 0 | References 47
UbuntuCve
added 2006/06/02 8:2 p.m. | 35 views

CVE-2006-2786

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces...

2.6 CVSS | 5.9 AI score | 0.01766 EPSS
Exploits 0 | References 5
OSV
added 2006/06/02 8:2 p.m. | 9 views

CVE-2006-2786

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces...

6.3 AI score
Exploits 0 | References 47
Debian CVE
added 2006/06/02 8:0 p.m. | 24 views

CVE-2006-2786

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces...

2.6 CVSS | 6.4 AI score | 0.01766 EPSS
Exploits 0
CVE
added 2006/06/02 8:0 p.m. | 99 views

CVE-2006-2786

CVE-2006-2786 is an HTTP response smuggling vulnerability affecting Mozilla Firefox and Thunderbird prior to 1.5.0.4. According to connected advisories, an attacker could craft responses that a proxy or header formatting could fool the client into treating as responses from two different sites, p...

2.6 CVSS | 6.2 AI score | 0.01766 EPSS
Exploits 0 | References 47 | Affected Software 2
Cvelist
added 2006/06/02 8:0 p.m. | 24 views

CVE-2006-2786

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces...

6.2 AI score | 0.01766 EPSS
Exploits 0 | References 47
Mozilla
added 2006/06/01 12:0 a.m. | 29 views

HTTP response smuggling — Mozilla

Kazuho Oku of Cybozu Labs reports via the Information-technology Promotion Agency, Japan, that Firefox is vulnerable to HTTP response smuggling when used with certain proxy servers...

2.6 CVSS | 1.7 AI score | 0.01766 EPSS
Exploits 0 | References 3 | Affected Software 3
securityvulns
added 2006/05/25 12:0 a.m. | 44 views

Write-up by Amit Klein: "IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning)"

IE + some popular forward proxy servers = XSS, defacement browser cache poisoning Or "Exploiting the XmlHttpRequest object in IE" part II Amit Klein, May 2006 Preface ======= When I published my Exploiting the XmlHttpRequest object in IE - Referrer spoofing and a lot more..." 1 paper, I only...

0.1 AI score
Exploits 0
myhack58
added 2006/03/19 12:0 a.m. | 14 views

Breakthrough LAN on the Internet users some of the limitations-vulnerability warning-the black bar safety net

May now LAN online network user restrictions, such as not on some website, can't play certain games, not on MSN, port restrictions, etc., generally is through a proxy server on the software to be limiting, as will now talk about most of the ISA Server 2004, or through hardware blank" the...

7 AI score
Exploits 0
CERT
added 2005/02/04 12:0 a.m. | 39 views

Multiple devices process HTTP requests inconsistently

Overview Multiple interconnected devices process valid HTTP request headers inconsistently and in this manner may allow a remote attacker to poison a cache, conduct cross-site scripting attacks, and hijack user sessions. Attackers may use these flaws to launch a class of attacks referred to a...

5 CVSS | 5.5 AI score | 0.40977 EPSS
Exploits 0 | References 2
Packet Storm
added 1999/08/17 12:0 a.m. | 51 views

msie4-persistent-connect.txt

Date: Fri, 22 Jan 1999 14:15:32 -0600 From: Joel Moses To: [email protected] Subject: IE4 Persistent Connection Bug Hi, everyone. Working with MCI/WorldCom, we've identified a problem with IE 4 which may or may not have security implications, but is definitely naughty behavior, in our opinions...

7.4 AI score
Exploits 0