
2171 matches found

OSV
added 2005/10/03 12:0 a.m., 38 views

DSA-838-1 mozilla-firefox - multiple vulnerabilities

Bulletin has no description...

CVSS 7.5, AI score 6, EPSS 0.0686
Exploits 0

RedHat Linux
added 2005/09/27 4:10 p.m., 5 views

security flaw

wget 1.8.x and 1.9.x do not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code...

CVSS 5, AI score 6.1, EPSS 0.11919
Exploits 1, References 4

NVD
added 2005/09/23 7:3 p.m., 20 views

CVE-2005-2702

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters...

CVSS 7.5, AI score 7.4, EPSS 0.03616
Exploits 0, References 31

UbuntuCve
added 2005/09/23 7:3 p.m., 23 views

CVE-2005-2702

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters...

CVSS 7.5, AI score 6, EPSS 0.03616
Exploits 0, References 2

Cvelist
added 2005/09/23 4:0 a.m., 30 views

CVE-2005-2702

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters...

AI score 7.4, EPSS 0.03616
Exploits 0, References 31

CVE
added 2005/09/23 4:0 a.m., 97 views

CVE-2005-2702

CVE-2005-2702 affects Mozilla/Firefox: vulnerable when processing Unicode sequences, specifically zero-width non-joiner characters. Firefox prior to 1.0.7 and Mozilla Suite prior to 1.7.12 are at risk. Reported impact: remote attacker could cause a crash and, in some scenarios, may execute arbitr...

CVSS 7.5, AI score 7.4, EPSS 0.03616
Exploits 0, References 31, Affected Software 2

Cent OS
added 2005/09/22 10:46 p.m., 80 views

firefox security update

CentOS Errata and Security Advisory CESA-2005:785 An updated firefox package that fixes several security bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web...

CVSS 7.5, AI score 6.2, EPSS 0.10718
Exploits 0, References 9

RedHat Linux
added 2005/09/22 8:16 p.m., 4 views

security flaw

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters...

CVSS 7.5, AI score 6.2, EPSS 0.03616
Exploits 0, References 4

FreeBSD
added 2005/09/22 12:0 a.m., 29 views

firefox & mozilla -- multiple vulnerabilities

A Mozilla Foundation Security Advisory reports of multiple issues: Heap overrun in XBM image processing jackerror reports that an improperly terminated XBM image ending with space characters instead of the expected end tag can lead to a heap buffer overrun. This appears to be exploitable to insta...

CVSS 7.5, AI score 6.2, EPSS 0.0686
Exploits 0, References 1

Gentoo Linux
added 2005/09/18 12:0 a.m., 22 views

Mozilla Suite, Mozilla Firefox: Multiple vulnerabilities

Background The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Mozilla Firefox is the next-generation browser from the Mozilla project. Gecko is the layout engine used in both products. Description The Mozilla Suite and Firefox are both vulnerable to the...

CVSS 7.5, AI score 7.9, EPSS 0.21112
Exploits 2

OSV
added 2005/07/13 4:0 a.m., 5 views

CVE-2005-2256

Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" encoded dot dot sequences in the formLanguage parameter...

AI score 6.5
Exploits 0, References 8

CVE
added 2005/07/13 4:0 a.m., 56 views

CVE-2005-2256

Summary: CVE-2005-2256 is a directory-traversal vulnerability in phppgadmin up to versions 3.5.3, exploitable via encoded %2e%2e%2f in the formLanguage parameter to access arbitrary files. The flaw requires that magic_quotes_gpc is disabled. Affected products/versions are documented in Debian ...

CVSS 5, AI score 6.4, EPSS 0.04638
Exploits 1, References 8, Affected Software 1

NVD
added 2005/07/13 4:0 a.m., 6 views

CVE-2005-2256

Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" encoded dot dot sequences in the formLanguage parameter...

CVSS 5, AI score 6.5, EPSS 0.04638
Exploits 1, References 8

OSV
added 2005/07/13 4:0 a.m., 1 view

DEBIAN-CVE-2005-2256

Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" encoded dot dot sequences in the formLanguage parameter...

CVSS 5, AI score 7.1, EPSS 0.04638
Exploits 1, References 1

CVE
added 2005/07/10 4:0 a.m., 38 views

CVE-2004-2184

Technical details about CVE-2004-2184 are not publicly provided in the supplied documents. No explicit affected products, vulnerable components, exploit specifics, or fixes are described here. Monitor for updates from official advisories.

CVSS 6.4, AI score 7.4, EPSS 0.08097
Exploits 1, References 8, Affected Software 1

Cvelist
added 2005/06/28 4:0 a.m., 22 views

CVE-2005-2060

Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to spoof web content and poison web caches via CRLF "%0d%0a" sequences in the Cat parameter...

AI score 6.6, EPSS 0.01347
Exploits 0, References 3

securityvulns
added 2005/06/16 12:0 a.m., 29 views

Finjan SurfinGate content filtering protection bypass

It's possible to bypass URL filtering by using escape sequences...

AI score 1.9
Exploits 0, References 1, Affected Software 1

securityvulns
added 2005/06/12 12:0 a.m., 33 views

osCommerce HTTP Response Splitting

GulfTech Security Research June 10th, 2005 Vendor : osCommerce URL : http://www.oscommerce.com/ Version : osCommerce 2.2 Milestone 2 && Earlier Risk : HTTP Response Splitting Description: osCommerce is a very popular eCommerce application that allows for individuals to host their own online shop...

AI score 7.1
Exploits 0

Cvelist
added 2005/06/01 4:0 a.m., 20 views

CVE-2005-1791

Microsoft Internet Explorer 6 SP2 6.0.2900.2180 crashes when the user attempts to add a URI to the restricted zone, in which the full domain name of the URI begins with numeric sequences similar to an IP address. NOTE: if there is not an exploit scenario in which an attacker can trigger this...

AI score 6.3, EPSS 0.03801
Exploits 1, References 2

CVE
added 2005/05/04 4:0 a.m., 136 views

CVE-2005-1342

CVE-2005-1342 affects Apple Terminal on Mac OS X 10.3.9 where the x-man-page URI handler fails to sanitize terminal escape sequences, enabling remote command execution. The underlying issue is lack of input sanitization for x-man-page URIs, which could lead to arbitrary commands executed in the T...

CVSS 7.5, AI score 6.9, EPSS 0.05213
Exploits 1, References 8, Affected Software 1