SAP Web Application Server 6.x/7.0 Input Validation Vulnerability

ID EDB-ID:27887
Type exploitdb
Reporter Arnold Grossmann
Modified 2005-11-09T00:00:00


SAP Web Application Server 6.x/7.0 Input Validation Vulnerability. CVE-2006-1039. Remote exploits for multiple platform


SAP Web Application Server is prone to an input-validation vulnerability that results in HTTP response-splitting attacks. This issue is due to a failure in the application to properly sanitize user-supplied input.

A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.