Vulnerability & Exploit Database

Displaying entries 1 - 10 of 36 in total

Results for: CVE-2016-1635 Back to search

Ubuntu: (Multiple Advisories) (CVE-2016-5388): Tomcat regression Vulnerability

  • Severity: 5
  • Published: July 18, 2016

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an...

Ubuntu: USN-3038-1 (CVE-2016-5387): Apache HTTP Server vulnerability Vulnerability

  • Severity: 5
  • Published: July 18, 2016

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header ...

SUSE: CVE-2016-5388: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: July 18, 2016

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an...

SUSE: CVE-2016-5387: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: July 18, 2016

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header ...

Red Hat: CVE-2016-5388: Important: tomcat security update ((Multiple Advisories)) Vulnerability

  • Severity: 5
  • Published: July 18, 2016

Apache Tomcat through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via...

Red Hat: CVE-2016-5387: Important: httpd security and bug fix update ((Multiple Advisories)) Vulnerability

  • Severity: 5
  • Published: July 18, 2016

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header ...

Oracle Solaris 11: CVE-2016-5388: Vulnerability in Apache Tomcat Vulnerability

  • Severity: 5
  • Published: July 18, 2016

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an...

Oracle Solaris 11: CVE-2016-5387: Vulnerability in Apache HTTP server Vulnerability

  • Severity: 5
  • Published: July 18, 2016

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header ...

Oracle Linux: (CVE-2016-5388) (Multiple Advisories): tomcat security update Vulnerability

  • Severity: 5
  • Published: July 18, 2016

Apache Tomcat through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via...

Oracle Linux: (CVE-2016-5387) (Multiple Advisories): httpd security and bug fix update Vulnerability

  • Severity: 5
  • Published: July 18, 2016

The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header ...