Vulnerabilities > Improper Handling of Case Sensitivity
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-24 | CVE-2020-12812 | Improper Handling of Case Sensitivity vulnerability in Fortinet Fortios An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username. | 9.8 |
| 2020-04-21 | CVE-2020-5301 | Improper Handling of Case Sensitivity vulnerability in Simplesamlphp SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. | 3.1 |
| 2018-09-13 | CVE-2018-8337 | Improper Handling of Case Sensitivity vulnerability in Microsoft Windows 10 and Windows Server 2016 A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles case sensitivity, aka "Windows Subsystem for Linux Security Feature Bypass Vulnerability." This affects Windows 10, Windows 10 Servers. | 5.3 |
| 2018-04-29 | CVE-2018-9845 | Improper Handling of Case Sensitivity vulnerability in Etherpad Lite Etherpad Lite before 1.6.4 is exploitable for admin access. | 9.8 |
| 2017-06-15 | CVE-2017-8493 | Improper Handling of Case Sensitivity vulnerability in Microsoft products Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to set variables that are either read-only or require authentication when Windows fails to enforce case sensitivity for certain variable checks, aka "Windows Security Feature Bypass Vulnerability". | 5.5 |
| 2007-06-22 | CVE-2007-3365 | Improper Handling of Case Sensitivity vulnerability in Myserverproject Myserver 0.8.9 MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information (script source code) via a modified extension, as demonstrated by post.mscgI. | 7.5 |
| 2005-05-02 | CVE-2005-0269 | Improper Handling of Case Sensitivity vulnerability in SIR Gnuboard 3.40 The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters. | 9.8 |
| 2004-12-31 | CVE-2004-2214 | Improper Handling of Case Sensitivity vulnerability in Mbedthis Appweb Http Server 1.0.4 Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters. | 9.8 |
| 2004-12-31 | CVE-2004-2154 | Improper Handling of Case Sensitivity vulnerability in multiple products CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive. | 9.8 |
| 2004-12-03 | CVE-2004-1083 | Improper Handling of Case Sensitivity vulnerability in Apple products Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization. | 7.5 |