CVE-2009-4531

httpdx 1.4.4 and earlier allows remote attackers to obtain the source code for a web page by appending a . (dot) character to the URI.

Publication date: Fri, 01 Jan 2010 01:30:00 +0000

Cyber News related to CVE-2009-4531

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
11 years ago

CVE-2012-2412 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4531. Reason: This candidate is a duplicate of CVE-2012-4531. Notes: All CVE users should reference CVE-2012-4531 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
11 years ago

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
54 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
4 years ago

CVE-2009-4531 - httpdx 1.4.4 and earlier allows remote attackers to obtain the source code for a web page by appending a . (dot) character to the URI. ...
6 years ago

CVE-2005-4531 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3345. Reason: This candidate is a duplicate of CVE-2005-3345. CVE-2005-3345 had already been assigned, but not published, before this candidate was created. Notes: All CVE users ...
54 years ago Tenable.com

CVE-2006-4621 - PHP remote file inclusion vulnerability in settings.php in Pheap 1.2, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the lpref parameter. NOTE: the provenance of this information is unknown; the details are ...
13 years ago

CVE-2015-4531 - EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain ...
7 years ago

CVE-2008-4531 - SQL injection vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to queries. NOTE: this might be the same issue as CVE-2008-4338. ...
6 years ago

CVE-2011-4531 - Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command. ...
12 years ago

CVE-2014-4531 - Cross-site scripting (XSS) vulnerability in main_page.php in the Game tabs plugin 0.4.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the n parameter. ...
9 years ago

CVE-2016-4531 - Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. ...
7 years ago

CVE-2012-4531 - Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
6 years ago

CVE-2007-4531 - Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and earlier, allows remote attackers to cause a client denial of service (crash) via (1) a long string to the file transfer port or (2) a long chat message, or (3) a server denial of ...
5 years ago

CVE-2006-4531 - PHP remote file inclusion vulnerability in lib/config.php in Pheap CMS 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lpref parameter. The vendor has released version 1.3 to address this issue. ...
5 years ago

CVE-2020-4531 - IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This ...
3 years ago

CVE-2010-4531 - Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service ...
1 year ago

CVE-2013-4531 - Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in cpreg_vmstate_array_len in a savevm image. ...
6 months ago

CVE-2023-4531 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mestav Software E-commerce Software allows SQL Injection.This issue affects E-commerce Software: before 20230901 . ...
9 months ago

CVE-2018-4531 - ** REJECT ** This candidate is unused by its CNA. ...
9 months ago

CVE-2022-4531 - ** REJECT ** Not a valid vulnerability. ...
8 months ago

CVE-2017-4531 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
54 years ago Tenable.com

CVE-2024-4531 - The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as editing cards via CSRF attacks ...
1 month ago

CVE-2009-0795 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0796, CVE-2009-1265. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a different issue. Notes: All CVE users should consult ...
54 years ago Tenable.com

Latest Cyber News

CVE-2024-6440 - 2 hours ago
CVE-2024-6439 - 2 hours ago
CVE-2024-6438 - 2 hours ago
CVE-2024-6264 - 2 hours ago
CVE-2024-6099 - 2 hours ago
CVE-2024-6088 - 2 hours ago
CVE-2024-4268 - 2 hours ago
CVE-2024-34593 - 3 hours ago
CVE-2024-20897 - 3 hours ago
CVE-2024-20888 - 3 hours ago
CVE-2024-20894 - 3 hours ago
CVE-2024-6012 - 3 hours ago
CVE-2024-6011 - 3 hours ago
CVE-2024-34601 - 3 hours ago
CVE-2024-34600 - 3 hours ago
CVE-2024-34599 - 3 hours ago
CVE-2024-34597 - 3 hours ago
CVE-2024-34596 - 3 hours ago
CVE-2024-34595 - 3 hours ago
CVE-2024-34594 - 3 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-21466 - 22 hours ago
CVE-2024-34593 - 3 hours ago
CVE-2024-20897 - 3 hours ago
CVE-2024-20888 - 3 hours ago
CVE-2024-20894 - 3 hours ago
CVE-2024-6012 - 3 hours ago
CVE-2024-6011 - 3 hours ago
CVE-2024-34601 - 3 hours ago
CVE-2024-34600 - 3 hours ago
CVE-2024-34599 - 3 hours ago
CVE-2024-34597 - 3 hours ago
CVE-2024-34596 - 3 hours ago
CVE-2024-34595 - 3 hours ago
CVE-2024-34594 - 3 hours ago
CVE-2024-34592 - 3 hours ago
CVE-2024-34591 - 3 hours ago
CVE-2024-34590 - 3 hours ago
CVE-2024-34589 - 3 hours ago
CVE-2024-34588 - 3 hours ago
CVE-2024-34587 - 3 hours ago