Lucene search

PRIOn knowledge basePRION:CVE-2011-1398

HistoryAug 30, 2012 - 10:55 p.m.

Design/Logic Flaw

2012-08-3022:55:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.014 Low

EPSS

Percentile

86.2%

JSON

The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.

CPENameOperatorVersion
phpeq5.3.6
phpeq5.3.9
phpeq5.3.1
phpeq5.3.8
phple5.3.10
phpeq5.3.0
phpeq5.3.3
phpeq5.3.7
phpeq5.3.2
phpeq5.3.4

Name	Operator	Version
php	eq	5.3.6
php	eq	5.3.9
php	eq	5.3.1
php	eq	5.3.8
php	le	5.3.10
php	eq	5.3.0
php	eq	5.3.3
php	eq	5.3.7
php	eq	5.3.2
php	eq	5.3.4

Rows per page:

1-10 of 111

References

article.gmane.org/gmane.comp.php.devel/70584

lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html

openwall.com/lists/oss-security/2012/08/29/5

openwall.com/lists/oss-security/2012/09/05/15

rhn.redhat.com/errata/RHSA-2013-1307.html

secunia.com/advisories/55078

security-tracker.debian.org/tracker/CVE-2011-1398

www.securitytracker.com/id?1027463

www.ubuntu.com/usn/USN-1569-1

bugs.php.net/bug.php?id=60227

6.9 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.014 Low

EPSS

Percentile

86.2%

JSON

Related for PRION:CVE-2011-1398