4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.201 Low
EPSS
Percentile
96.3%
Ian Graham of Citrix Online reported that when multiple Location headers were present in a redirect response Mozilla behavior differed from other browsers: Mozilla would use the second Location header while Chrome and Internet Explorer would use the first. Two copies of this header with different values could be a symptom of a CRLF injection attack against a vulnerable server. Most commonly it is the Location header itself that is vulnerable to the response splitting and therefore the copy preferred by Mozilla is more likely to be the malicious one. It is possible, however, that the first copy was the injected one depending on the nature of the server vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 3.6.23 | |
firefox | lt | 7 | |
seamonkey | lt | 2.4 | |
thunderbird | lt | 3.1.15 | |
thunderbird | lt | 7 |