2442 matches found
CVE-2007-2550
CVE-2007-2550 affects CubeCart 3.0.15 (Devellion) and involves multiple CRLF injection vulnerabilities in cookies named with a prefix of "ccSID", enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting against cart.php or index.php. The vulnerability is due ...
Cubecart < 3.0.16 HTTP Response Splitting
Binary data 3984.prm...
Crlf injection
CRLF injection vulnerability in the Digest Authentication support for Microsoft Internet Explorer 7.0.5730.11 allows remote attackers to conduct HTTP response splitting attacks via a LF %0a in the username attribute...
CVE-2007-2291
CRLF injection vulnerability in the Digest Authentication support for Microsoft Internet Explorer 7.0.5730.11 allows remote attackers to conduct HTTP response splitting attacks via a LF %0a in the username attribute...
CVE-2007-2291
The CVE-2007-2291 entry describes a CRLF (HTTP header) injection vulnerability in the Digest Authentication support of Microsoft Internet Explorer 7.0.5730.11. The flaw permits remote attackers to perform HTTP response splitting by injecting a line feed (%0a) into the username attribute, potentia...
CVE-2007-2291
CRLF injection vulnerability in the Digest Authentication support for Microsoft Internet Explorer 7.0.5730.11 allows remote attackers to conduct HTTP response splitting attacks via a LF %0a in the username attribute...
CVE-2007-2046
Multiple CRLF injection vulnerabilities in adclick.php in a Openads phpAdsNew 2.0.11 and earlier and b Openads for PostgreSQL phpPgAds 2.0.11 and earlier allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in 1 the dest parameter...
CVE-2007-2047
CRLF injection vulnerability in www/delivery/ck.php in Openads 2.3 aka Max Media Manager, MMM before 0.3.31-alpha-pr3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the destination parameter. NOTE: some of these details a...
Crlf injection
Multiple CRLF injection vulnerabilities in adclick.php in a Openads phpAdsNew 2.0.11 and earlier and b Openads for PostgreSQL phpPgAds 2.0.11 and earlier allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in 1 the dest parameter...
CVE-2007-2046
Multiple CRLF injection vulnerabilities in adclick.php in a Openads phpAdsNew 2.0.11 and earlier and b Openads for PostgreSQL phpPgAds 2.0.11 and earlier allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in 1 the dest parameter...
Crlf injection
CRLF injection vulnerability in www/delivery/ck.php in Openads 2.3 aka Max Media Manager, MMM before 0.3.31-alpha-pr3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the destination parameter. NOTE: some of these details a...
CVE-2007-2047
CRLF injection vulnerability in www/delivery/ck.php in Openads 2.3 aka Max Media Manager, MMM before 0.3.31-alpha-pr3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the destination parameter. NOTE: some of these details a...
CVE-2007-2046
Multiple CRLF injection vulnerabilities in adclick.php in a Openads phpAdsNew 2.0.11 and earlier and b Openads for PostgreSQL phpPgAds 2.0.11 and earlier allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in 1 the dest parameter...
CVE-2007-2046
CVE-2007-2046 affects Openads (phpAdsNew) 2.0.11 and earlier and Openads for PostgreSQL (phpPgAds) 2.0.11 and earlier. The vulnerability arises from CRLF injection in adclick.php, enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via CRLF sequences in ...
CVE-2007-2047
Openads 2.3 (aka Max Media Manager, MMM) is affected by a CRLF injection in www/delivery/ck.php, tractable before 0.3.31-alpha-pr3. The vulnerability allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via CRLF sequences in the destination parameter. Impac...
[Full-disclosure] [OPENADS-SA-2007-004] Max Media Manager v0.1.29-rc and v0.3.31-alpha-pr2 vulnerability fixed
======================================================================== Openads security advisory OPENADS-SA-2007-004 ------------------------------------------------------------------------ Advisory ID: OPENADS-SA-2007-004 Date: 2007-Apr-11 Security risk: medium risk Applications affetced: Max...
[Full-disclosure] [OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed
======================================================================== Openads security advisory OPENADS-SA-2007-003 ------------------------------------------------------------------------ Advisory ID: OPENADS-SA-2007-003 Date: 2007-Apr-11 Security risk: medium risk Applications affetced:...
Crlf injection
CRLF injection vulnerability in IBM WebSphere Application Server WAS before 6.0.2.19 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a single CRLF sequence in a context that is not a valid multi-line header...
CVE-2005-4830
Removed by vendor...
CVE-2005-4830
CRLF injection vulnerability in viewcvs in ViewCVS 0.9.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the content-type parameter...