Vulnerabilities > W3C > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-10-12 | CVE-2005-3183 | Improper Input Validation vulnerability in W3C Libwww The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read. | 4.3 |
2004-12-31 | CVE-2004-2274 | Remote URI Parsing vulnerability in W3C Jigsaw Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and attack vectors, possibly related to the parsing of the URI. | 6.4 |
2002-10-04 | CVE-2002-1053 | Cross-Site Scripting vulnerability in W3C Jigsaw 2.2 Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message. network w3c | 6.8 |
2002-10-04 | CVE-2002-1052 | Path Disclosure vulnerability in W3C Jigsaw 2.2.1 Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device. | 5.0 |
2002-08-12 | CVE-2002-1445 | Cross-Site Scripting vulnerability in W3C Cern Httpd 3.0 Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows remote attackers to execute script as other users via a link to a non-existent page whose name contains the script, which is inserted into the resulting error page. network w3c | 4.3 |