CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

NVD•added 2010/01/13 8:30 p.m.•17 views

CVE-2009-4488

Varnish 2.0.6 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. NOTE: the vendo...

9.8CVSS7.6AI score0.0192EPSS

Exploits2References3

UbuntuCve•added 2010/01/13 8:30 p.m.•34 views

CVE-2009-4490

minihttpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...

5CVSS7.5AI score0.03999EPSS

Exploits2References1

Prion•added 2010/01/13 8:30 p.m.•26 views

Design/Logic Flaw

thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...

5CVSS8.3AI score0.02714EPSS

Exploits3References4Affected Software1

Prion•added 2010/01/13 8:30 p.m.•24 views

Design/Logic Flaw

Yaws 1.85 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...

5CVSS8.2AI score0.0421EPSS

Exploits2References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by