uri software vulnerabilities
vulnerabilities.aspcode.net
Searching uri software vulnerabilities
ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) via certain HTTP GET requests containing (1) a %2e%2e (encoded dot-dot), (2) several /../ (dot dot) sequences, (3) a missing URI, or (4) several ../ in a URI that does not begin with a / (slash) character.
BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI.
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code.
Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI.
Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and attack vectors, possibly related to the parsing of the URI.
NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message.
Microsoft Internet Explorer 6 SP2 (6.0.2900.2180) crashes when the user attempts to add a URI to the restricted zone, in which the full domain name of the URI begins with numeric sequences similar to an IP address. NOTE: if there is not an exploit scenario in which an attacker can trigger this behavior, then perhaps this issue should not be included in CVE.
SQL injection vulnerability in vCounter.php in vCounter 1.0 allows remote attackers to execute arbitrary SQL commands via the URI (_SERVER[REQUEST_URI] variable).
Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inject arbitrary web script or HTML to Internet Explorer users via the request URI ($_SERVER['REQUEST_URI']).
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and make it easier to conduct phishing attacks via a URI that begins with a space character.
Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI.
Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI.
Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read files in the local Firefox installation directory via a resource:// URI.
Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI.
Opera 9.21 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
Directory traversal vulnerability in Web Oddity 0.09b allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
Software vulnerabilities results 1 to 20 of 283