Lucene search

PRIOn knowledge basePRION:CVE-2006-0207

HistoryJan 13, 2006 - 11:03 p.m.

Design/Logic Flaw

2006-01-1323:03:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.6%

JSON

Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function.

CPENameOperatorVersion
phpeq5.1.1
phpeq5.0 rc1
phpeq5.0.5
phpeq5.0.1
phpeq5.0.4
phpeq5.0 rc3
phpeq5.0.3
phpeq5.1.0
phpeq5.0 rc2
phpeq5.0.2

Name	Operator	Version
php	eq	5.1.1
php	eq	5.0 rc1
php	eq	5.0.5
php	eq	5.0.1
php	eq	5.0.4
php	eq	5.0 rc3
php	eq	5.0.3
php	eq	5.1.0
php	eq	5.0 rc2
php	eq	5.0.2

Rows per page:

1-10 of 111

References

lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html

secunia.com/advisories/18431

secunia.com/advisories/18697

secunia.com/advisories/19012

secunia.com/advisories/19179

secunia.com/advisories/19355

secunia.com/advisories/25945

securitytracker.com/id?1015484

www.debian.org/security/2007/dsa-1331

www.gentoo.org/security/en/glsa/glsa-200603-22.xml

www.hardened-php.net/advisory_012006.112.html

www.mandriva.com/security/advisories?name=MDKSA-2006:028

www.php.net/release_5_1_2.php

www.securityfocus.com/bid/16220

www.vupen.com/english/advisories/2006/0177

www.vupen.com/english/advisories/2006/0369

exchange.xforce.ibmcloud.com/vulnerabilities/24094

usn.ubuntu.com/261-1/

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.6%

JSON

Related for PRION:CVE-2006-0207