56 matches found
CVE-2008-5400
Multiple cross-site request forgery CSRF vulnerabilities in mvnForum before 1.2.1 GA allow remote attackers to 1 create forums, 2 change account privileges, 3 enable accounts, or 4 disable accounts as a product administrator via unspecified vectors, possibly related to HTTP Referer headers...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in mvnForum before 1.2.1 GA allow remote attackers to 1 create forums, 2 change account privileges, 3 enable accounts, or 4 disable accounts as a product administrator via unspecified vectors, possibly related to HTTP Referer headers...
CVE-2008-3171
Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...
Information disclosure
Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...
CVE-2008-3171
CVE-2008-3171 concerns Apple Safari leaking Referer headers that contain https URLs to other https sites. The description indicates this can let remote attackers obtain potentially sensitive information by reading Referer log data. Affected software is Safari; the root cause is the inclusion of h...
CVE-2003-1559
Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...
CVE-2003-1561
Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...
CVE-2003-1561
Technical details about CVE-2003-1561 are not publicly provided in the supplied documents; no patched versions, affected products, or impact specifics are included. Monitor for updates.
CVE-2008-3171
Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...
CVE-2003-1560
Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...
Flash Player allows to send arbitrary Referer headers
Overview Flash Player from Adobe contains a vulnerability allowing to send arbitrary Referer headers. Flash Player from Adobe is a multimedia and application browser plugin for viewing Adobe Flash contents. Flash Player contains a vulnerability allowing to send arbitrary Referer headers. Impact A...
CVE-2007-5960
Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer headers and bypass Referer-based CSRF protecti...
CVE-2007-3457
Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file...
CVE-2007-3457
Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file...
CVE-2003-1559
Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...
CVE-2003-1560
Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...