CVE-2005-1087

2005-04-1304:00:00

mitre

www.cve.org

7 High

AI Score

Confidence

Low

0.031 Low

EPSS

Percentile

91.1%

JSON

CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request.

References

secunia.com/advisories/14861

securitytracker.com/id?1013666

www.osvdb.org/15362

www.security.org.sg/vuln/anhttpd142n.html

exchange.xforce.ibmcloud.com/vulnerabilities/20031