Lucene search

K

PRIOn knowledge basePRION:CVE-2014-8150

HistoryJan 15, 2015 - 3:59 p.m.

Crlf injection

2015-01-1515:59:00

PRIOn knowledge base

www.prio-n.com

7

7.2 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

76.8%

CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL.

CPENameOperatorVersion
ubuntu_linuxeq12.04
ubuntu_linuxeq14.10
ubuntu_linuxeq14.04
ubuntu_linuxeq10.04
debian_linuxeq7.0
libcurleq7.9.5
libcurleq7.9.1
libcurleq7.19.0
libcurleq7.19.6
libcurleq7.4

Rows per page:

1-10 of 1191

References

advisories.mageia.org/MGASA-2015-0020.html

curl.haxx.se/docs/adv_20150108B.html

kb.juniper.net/InfoCenter/index?page=content&id=JSA10743

lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

lists.opensuse.org/opensuse-updates/2015-02/msg00040.html

rhn.redhat.com/errata/RHSA-2015-1254.html

secunia.com/advisories/61925

secunia.com/advisories/62075

secunia.com/advisories/62361

www.debian.org/security/2015/dsa-3122

www.mandriva.com/security/advisories?name=MDVSA-2015:021

www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/71964

www.securitytracker.com/id/1032768

www.ubuntu.com/usn/USN-2474-1

kc.mcafee.com/corporate/index?page=content&id=SB10131

lists.fedoraproject.org/pipermail/package-announce/2015-January/147856.html

lists.fedoraproject.org/pipermail/package-announce/2015-January/147876.html

lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html

lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html

security.gentoo.org/glsa/201701-47

support.apple.com/kb/HT205031

7.2 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

76.8%

Related for PRION:CVE-2014-8150