6609 matches found

CVE
added 2009/10/29 2:00 p.m. | 114 views

CVE-2009-3372

CVE-2009-3372 affects Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0. It allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file. The linked MiracleLinux advisory AXSA:2009-419:04 lists this CVE am...

CVSS 9.3 | AI score 7.2 | EPSS 0.02124
Exploits 0 | References 7 | Affected Software 2
Tenable Nessus
added 2009/10/16 12:00 a.m. | 15 views

Fedora 10 : Django-1.1.1-1.fc10 (2009-10432)

http://www.djangoproject.com/weblog/2009/oct/09/security/ Description of vulnerability: Django's forms library included field types which perform regular-expression-based validation of email addresses and URLs. Certain addresses/URLs could trigger a pathological...

AI score 5.5
Exploits 0 | References 3
NVD
added 2009/10/13 10:30 a.m. | 36 views

CVE-2009-3695

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField email address or (2) URLField URL that triggers a large amount of backtracking in a regular...

CVSS 5 | AI score 6.3 | EPSS 0.06201
Exploits 0 | References 10
Prion
added 2009/10/13 10:30 a.m. | 11 views

Design/Logic Flaw

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField email address or (2) URLField URL that triggers a large amount of backtracking in a regular...

CVSS 5 | AI score 6.6 | EPSS 0.06201
Exploits 0 | References 10 | Affected Software 1
Debian CVE
added 2009/10/13 10:00 a.m. | 26 views

CVE-2009-3695

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField email address or (2) URLField URL that triggers a large amount of backtracking in a regular...

CVSS 5 | AI score 6.1 | EPSS 0.06201
Exploits 0
Cvelist
added 2009/10/13 10:00 a.m. | 43 views

CVE-2009-3695

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField email address or (2) URLField URL that triggers a large amount of backtracking in a regular...

AI score 6.2 | EPSS 0.06201
Exploits 0 | References 10
OpenVAS
added 2009/09/29 12:00 a.m. | 23 views

Microsoft Windows Patterns & Practices EntLib DOS Vulnerability

This host has Microsoft Windows Patterns & Practices Enterprise Library installed and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodmswppenterpriselibraryredosvuln.nasl 6532 2017-07-05 07:42:05Z cfischer $ Microsoft Windows Patterns & Practices EntLib DOS...

CVSS 5 | AI score 6.5 | EPSS 0.09934
Exploits 1 | References 2
Prion
added 2009/09/21 7:30 p.m. | 10 views

Design/Logic Flaw

DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs in datavault allows context-dependent attackers to cause a denial of service (CPU consumption) via an input string composed of an open bracket followed by many commas, related to a certain regular expression, aka a "ReDoS" vulnerability...

CVSS 5 | AI score 7 | EPSS 0.00305
Exploits 1 | References 2
NVD
added 2009/09/21 7:30 p.m. | 12 views

CVE-2009-3276

Zoran/WinFormsAdvansed/RegeularDataToXML/Form1.cs in WinFormsAdvansed in NASD CORE.NET Terelik (aka corenet1) allows context-dependent attackers to cause a denial of service (CPU consumption) via an input string composed of many alphabetic characters followed by a ! (exclamation point), related to a...

CVSS 5 | AI score 6.5 | EPSS 0.00305
Exploits 1 | References 2
NVD
added 2009/09/21 7:30 p.m. | 10 views

CVE-2009-3275

Blocks/Common/Src/Configuration/Manageability/Adm/AdmContentBuilder.cs in Microsoft patterns & practices Enterprise Library (aka EntLib) allows context-dependent attackers to cause a denial of service (CPU consumption) via an input string composed of many \ (backslash) characters followed by a " (double...

CVSS 5 | AI score 6.3 | EPSS 0.09934
Exploits 1 | References 2
Cvelist
added 2009/09/21 7:00 p.m. | 14 views

CVE-2009-3277

DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs in datavault allows context-dependent attackers to cause a denial of service (CPU consumption) via an input string composed of an open bracket followed by many commas, related to a certain regular expression, aka a "ReDoS" vulnerability...

AI score 6.5 | EPSS 0.00305
Exploits 1 | References 2
CVE
added 2009/09/21 7:00 p.m. | 42 views

CVE-2009-3277

CVE-2009-3277 describes a ReDoS vulnerability in DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs within datavault. The issue allows context-dependent attackers to cause a denial of service by feeding an input string that starts with an opening bracket followed by many commas, exploiting a re...

CVSS 5 | AI score 6.5 | EPSS 0.00305
Exploits 1 | References 2 | Affected Software 1
CVE
added 2009/09/21 7:00 p.m. | 34 views

CVE-2009-3276

CVE-2009-3276 affects Zoran/WinFormsAdvansed/RegeularDataToXML/Form1.cs in WinFormsAdvansed within NASD CORE.NET Terelik (aka corenet1). The vulnerability is a ReDoS: context-dependent attackers can cause CPU exhaustion by supplying an input string consisting of many alphabetic characters followe...

CVSS 5 | AI score 6.5 | EPSS 0.00305
Exploits 1 | References 2 | Affected Software 1
NVD
added 2009/08/31 10:30 a.m. | 17 views

CVE-2008-7123

Static code injection vulnerability in admin/configuration/modifier.php in zKup CMS 2.0 through 2.3 allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter in an ajout action, which bypasses the regular expression check...

CVSS 6.8 | AI score 7.2 | EPSS 0.0183
Exploits 1 | References 5
Prion
added 2009/08/31 10:30 a.m. | 13 views

Code injection

Static code injection vulnerability in admin/configuration/modifier.php in zKup CMS 2.0 through 2.3 allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter in an ajout action, which bypasses the regular expression check...

CVSS 6.8 | AI score 7.7 | EPSS 0.0183
Exploits 1 | References 5 | Affected Software 1
Cvelist
added 2009/08/31 10:00 a.m. | 23 views

CVE-2008-7123

Static code injection vulnerability in admin/configuration/modifier.php in zKup CMS 2.0 through 2.3 allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter in an ajout action, which bypasses the regular expression check...

AI score 7.2 | EPSS 0.0183
Exploits 1 | References 5
CVE
added 2009/08/31 10:00 a.m. | 39 views

CVE-2008-7123

CVE-2008-7123 affects zKup CMS 2.0–2.3. The vulnerability is a static code injection in admin/configuration/modifier.php that allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter during an ajout action, bypassing the regular ex...

CVSS 6.8 | AI score 7.5 | EPSS 0.0183
Exploits 1 | References 5 | Affected Software 1
RedHat Linux
added 2009/08/12 2:31 p.m. | 46 views

Critical: Red Hat Security Advisory: nspr and nss security update

Updated nspr and nss packages that fix security issues are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Netscape Portable Runtime (NSPR) provides platform independence for...

CVSS 9.3 | AI score 7.2 | EPSS 0.21024
Exploits 5 | References 4
OpenVAS
added 2009/08/11 12:00 a.m. | 29 views

Multiple Products NSS Library Buffer Overflow Vulnerability

This host is installed with Firefox or Thunderbird or SeaMonkey or Evolution or Pidgin or AOL Instant Messenger Products which is prone to Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbmultprdtsnsslibbofvuln.nasl 5369 2017-02-20 14:48:07Z cfi $ Multiple Products NSS Library...

CVSS 9.3 | AI score 0.5 | EPSS 0.21024
Exploits 1 | References 3
RedHat Linux
added 2009/07/30 10:20 p.m. | 5 views

nss regexp heap overflow

Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly...

CVSS 9.3 | AI score 6.9 | EPSS 0.21024
Exploits 1 | References 4