CVE-2011-5279
The CVE-2011-5279 entry concerns CRLF injection in the CGI component of Microsoft Internet Information Services (IIS) 4.x and 5.x running on Windows NT/2000. The vulnerability arises when a newline character in an HTTP header enables an attacker to modify arbitrary uppercase environment variables...