Lucene search

K
cveMitreCVE-2008-2497
HistoryMay 28, 2008 - 3:32 p.m.

CVE-2008-2497

2008-05-2815:32:00
CWE-94
mitre
web.nvd.nist.gov
37
crlf injection
vulnerability
mambo
http headers
http response splitting
attack
remote
cve-2008-2497
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

7

Confidence

Low

EPSS

0.01

Percentile

83.7%

CRLF injection vulnerability in Mambo before 4.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Affected configurations

Nvd
Node
mambo-foundationmamboRange4.6.4
VendorProductVersionCPE
mambo-foundationmambo*cpe:2.3:a:mambo-foundation:mambo:*:*:*:*:*:*:*:*

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

7

Confidence

Low

EPSS

0.01

Percentile

83.7%

Related for CVE-2008-2497