PHP <= 5.2.3 EXT/Session HTTP Response Header Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24268/info PHP is prone to an HTTP-response-header-injection vulnerability because it fails to sanitize user-supplied input. An attacker can exploit this issue to inject additional cookie attributes into session cookies...