2 matches found
CVE-2007-2404
CVE-2007-2404: CRLF injection vulnerability in CFNetwork on Mac OS X 10.3.9/10.4.10 prior to 20070731 allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting; note this can enable XSS. Affected component: CFNetwork. Root cause: CRLF sequence handling in HTTP r...
Mac OS X Multiple Vulnerabilities (Security Update 2007-007)
The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. This update contains several security fixes for the following programs : - bzip2 - CFNetwork - CoreAudio - cscope - gnuzip - iChat - Kerberos - mDNSResponder - PDFKit - PHP -...