3 matches found
CVE-2007-3385: Handling of \" in cookies
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-3385: Handling of " in cookies Severity: Low Session Hi-jacking Vendor: The Apache Software Foundation Versions Affected: 6.0.0 to 6.0.13 5.5.0 to 5.5.24 5.0.0 to 5.0.30 4.1.0 to 4.1.36 3.3 to 3.3.2 Description: Tomcat incorrectly handles the...
Fixed in Apache Tomcat 4.1.37
Important: Information disclosure CVE-2005-3164 If a client specifies a Content-Length but disconnects before sending any of the request body, the deprecated AJP connector processes the request using the request body of the previous request. Users are advised to use the default, supported Coyote...
PHPX 2.x - 3.2.4
PHPX 3.2.4 http://www.phpx.org Versions Affected: PHPX 2.x - 3.2.4 Type of bug: Session Hi-jacking/Admin Access via Cookies Impact: Ability to steal another users account Found-by: HelloWorld Ryan Wray Vendor: Notified Table Of Contents ===================== 1 The Program 2 The Problem 3 The Proo...