270 matches found
ZDI-07-008: Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
ZDI-07-008: Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-008.html March 2, 2007 -- CVE ID: CVE-2007-0774 -- Affected Vendor: Apache -- Affected Products: Tomcat JK Web Server Connector 1.2.19 Tomcat JK Web Server...
Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache Tomcat JK Web Server Connector. Authentication is not required to exploit this vulnerability. The specific flaw exists in the URI handler for the mod_jk.so library, map_uri_to_worker, defined in...
CVE-2006-3391
The Execute function in iMBCContents ActiveX Control before 2.0.0.59 allows remote attackers to execute arbitrary files via the file URI handler...
CVE-2006-3391
This CVE affects the iMBCContents ActiveX Control prior to 2.0.0.59. The vulnerability resides in the Execute function, which allows remote attackers to run arbitrary files via the file URI handler. Impact is remote code execution with partial confidentiality, integrity, and availability implicat...
WinSCP 3.8.1 - URI Handler Arbitrary File Access
source: https://www.securityfocus.com/bid/18384/info WinSCP is prone to an arbitrary file-access vulnerability. An attacker can exploit this issue to upload arbitrary files to a victim user's computer or to download arbitrary files from the victim's computer in the context of the vulnerable...
WinSCP URI handler command execution
The scp:// and sftp:// URI handlers allow unsafe parameters to be passed via the command line...
[Full-disclosure] WinSCP - URI Handler Command Switch Parsing
WinSCP - URI Handler Command Switch Parsing About winscp : WinSCP is an open source freeware SFTP client for Windows using SSH. Legacy SCP protocol is also supported. Its main function is safe copying of files between a local and a remote computer. Versions affected : It was tested on WinSCP 3.8....
[Full-disclosure] Skype - URI Handler Command Switch Parsing
Skype - URI Handler Command Switch Parsing. Vendor Website: http://www.skype.com. Affected Version: Skype for Windows: All releases prior to and including 2.0.*.104; Release 2.5.*.0 to and including 2.5.*.78...
CVE-2006-2312
CVE-2006-2312 affects Skype for Windows, specifically versions 2.0.*.104 and 2.5.*.0 through 2.5.*.78. The flaw is an argument injection vulnerability in the Skype URI handler that allows a remote attacker who has some level of authorization to cause a crafted Skype URL to trigger the transfer/down...
CVE-2006-2312
Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*.78 for Windows allows remote authorized attackers to download arbitrary files via a URL that contains certain command-line switches...
Information disclosure
A component in Microsoft Outlook Express 6 allows remote attackers to bypass domain restrictions and obtain sensitive information via redirections with the mhtml: URI handler, as originally reported for Internet Explorer 6 and 7, aka "URL Redirect Cross Domain Information Disclosure Vulnerability...
CVE-2006-2111
A component in Microsoft Outlook Express 6 allows remote attackers to bypass domain restrictions and obtain sensitive information via redirections with the mhtml: URI handler, as originally reported for Internet Explorer 6 and 7, aka "URL Redirect Cross Domain Information Disclosure Vulnerability...
Microsoft Internet Explorer cross-site access
A script from one site can access the content of a page from a different site via the mhtml: URI handler...
RHEL 2.1 / 3 / 4 : lynx (RHSA-2005:839)
An updated lynx package that corrects a security flaw is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Lynx is a text-based Web browser. An arbitrary command execute bug was found in the lynx 'lynxcgi:' URI handler. An attacker...
CVE-2005-1408
Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation...
CVE-2005-1408
Apple Keynote 2.0/2.0.1 is affected by CVE-2005-1408 due to a flaw in the keynote: URI handler that can be triggered by a crafted Keynote presentation. The vulnerability allows remote attackers to read arbitrary files on the local system. The related Nessus NASL entry confirms the issue exists in...
Apple Keynote Presentation < 2.0.2 keynote: URI Handler Arbitrary File Access
The remote host contains a version of Keynote 2 which is older than 2.0.2. The installed version is affected by a security issue which may allow an attacker to send a rogue keynote file containing malformed URI links in it. An attacker can exploit this issue to read and upload arbitrary local fil...
CVE-2005-1342
The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands...