CVE-2007-2401
The CVE-2007-2401 entry concerns a CRLF injection in Appleās WebCore XMLHttpRequest handling. Vulnerable: WebCore in Mac OS X 10.3.9, 10.4.9 and later, and iPhone prior to 1.0.1. Nature: remote attacker can inject arbitrary HTTP headers by sending LF characters in an XMLHttpRequest and exploiting...