Crlf injection

2011-02-1016:00:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.0%

JSON

Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified tags.

CPENameOperatorVersion
coldfusioneq8.0
coldfusioneq9.0
coldfusioneq8.0.1
coldfusioneq9.0.1

Name	Operator	Version
coldfusion	eq	8.0
coldfusion	eq	9.0
coldfusion	eq	8.0.1
coldfusion	eq	9.0.1

References

secunia.com/advisories/43264

www.adobe.com/support/security/bulletins/apsb11-04.html

www.securityfocus.com/bid/46281

www.securitytracker.com/id?1025036

www.vupen.com/english/advisories/2011/0334

exchange.xforce.ibmcloud.com/vulnerabilities/65276