Lucene search

K
cve[email protected]CVE-2010-3172
HistoryNov 05, 2010 - 5:00 p.m.

CVE-2010-3172

2010-11-0517:00:02
CWE-94
web.nvd.nist.gov
34
bugzilla
cve-2010-3172
crlf injection
http response splitting
security vulnerability

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.007

Percentile

79.9%

CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted URL.

Affected configurations

NVD
Node
mozillabugzillaRange3.2.8
OR
mozillabugzillaMatch2.0
OR
mozillabugzillaMatch2.2
OR
mozillabugzillaMatch2.4
OR
mozillabugzillaMatch2.6
OR
mozillabugzillaMatch2.8
OR
mozillabugzillaMatch2.9
OR
mozillabugzillaMatch2.10
OR
mozillabugzillaMatch2.12
OR
mozillabugzillaMatch2.14
OR
mozillabugzillaMatch2.14.1
OR
mozillabugzillaMatch2.14.2
OR
mozillabugzillaMatch2.14.3
OR
mozillabugzillaMatch2.14.4
OR
mozillabugzillaMatch2.14.5
OR
mozillabugzillaMatch2.16
OR
mozillabugzillaMatch2.16rc1
OR
mozillabugzillaMatch2.16rc2
OR
mozillabugzillaMatch2.16.1
OR
mozillabugzillaMatch2.16.2
OR
mozillabugzillaMatch2.16.3
OR
mozillabugzillaMatch2.16.4
OR
mozillabugzillaMatch2.16.5
OR
mozillabugzillaMatch2.16.6
OR
mozillabugzillaMatch2.16.7
OR
mozillabugzillaMatch2.16.8
OR
mozillabugzillaMatch2.16.9
OR
mozillabugzillaMatch2.16.10
OR
mozillabugzillaMatch2.16.11
OR
mozillabugzillaMatch2.16_rc2
OR
mozillabugzillaMatch2.17
OR
mozillabugzillaMatch2.17.1
OR
mozillabugzillaMatch2.17.2
OR
mozillabugzillaMatch2.17.3
OR
mozillabugzillaMatch2.17.4
OR
mozillabugzillaMatch2.17.5
OR
mozillabugzillaMatch2.17.6
OR
mozillabugzillaMatch2.17.7
OR
mozillabugzillaMatch2.18
OR
mozillabugzillaMatch2.18rc1
OR
mozillabugzillaMatch2.18rc2
OR
mozillabugzillaMatch2.18rc3
OR
mozillabugzillaMatch2.18.1
OR
mozillabugzillaMatch2.18.2
OR
mozillabugzillaMatch2.18.3
OR
mozillabugzillaMatch2.18.4
OR
mozillabugzillaMatch2.18.5
OR
mozillabugzillaMatch2.18.6
OR
mozillabugzillaMatch2.18.6\+
OR
mozillabugzillaMatch2.18.7
OR
mozillabugzillaMatch2.18.8
OR
mozillabugzillaMatch2.18.9
OR
mozillabugzillaMatch2.19
OR
mozillabugzillaMatch2.19.1
OR
mozillabugzillaMatch2.19.2
OR
mozillabugzillaMatch2.19.3
OR
mozillabugzillaMatch2.20
OR
mozillabugzillaMatch2.20rc1
OR
mozillabugzillaMatch2.20rc2
OR
mozillabugzillaMatch2.20.1
OR
mozillabugzillaMatch2.20.2
OR
mozillabugzillaMatch2.20.3
OR
mozillabugzillaMatch2.20.4
OR
mozillabugzillaMatch2.20.5
OR
mozillabugzillaMatch2.20.6
OR
mozillabugzillaMatch2.20.7
OR
mozillabugzillaMatch2.21
OR
mozillabugzillaMatch2.21.1
OR
mozillabugzillaMatch2.21.2
OR
mozillabugzillaMatch2.22
OR
mozillabugzillaMatch2.22rc1
OR
mozillabugzillaMatch2.22.1
OR
mozillabugzillaMatch2.22.2
OR
mozillabugzillaMatch2.22.3
OR
mozillabugzillaMatch2.22.4
OR
mozillabugzillaMatch2.22.5
OR
mozillabugzillaMatch2.22.6
OR
mozillabugzillaMatch2.22.7
OR
mozillabugzillaMatch2.23
OR
mozillabugzillaMatch2.23.1
OR
mozillabugzillaMatch2.23.2
OR
mozillabugzillaMatch2.23.3
OR
mozillabugzillaMatch2.23.4
OR
mozillabugzillaMatch3.2
OR
mozillabugzillaMatch3.2rc1
OR
mozillabugzillaMatch3.2rc2
OR
mozillabugzillaMatch3.2.1
OR
mozillabugzillaMatch3.2.2
OR
mozillabugzillaMatch3.2.3
OR
mozillabugzillaMatch3.2.4
OR
mozillabugzillaMatch3.2.5
OR
mozillabugzillaMatch3.2.6
OR
mozillabugzillaMatch3.2.7
OR
mozillabugzillaMatch3.4.1
OR
mozillabugzillaMatch3.4.2
OR
mozillabugzillaMatch3.4.3
OR
mozillabugzillaMatch3.4.4
OR
mozillabugzillaMatch3.4.5
OR
mozillabugzillaMatch3.4.6
OR
mozillabugzillaMatch3.4.7
OR
mozillabugzillaMatch3.4.8
OR
mozillabugzillaMatch3.6.0
OR
mozillabugzillaMatch3.6.1
OR
mozillabugzillaMatch3.6.2
OR
mozillabugzillaMatch4.0

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.007

Percentile

79.9%