php: HTTP response splitting in header() function

The header PHP function allowed header stings containing line break followed by a space or tab, as allowed by RFC 2616. Certain browsers handled the continuation line as new header, making it possible to conduct a HTTP response splitting attack against such browsers. The header function was updat...

Design/Logic Flaw

The sapiheaderop function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences aka carriage return characters, which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improp...

PHP 4.2.3 - Header Function Script Injection

source: https://www.securityfocus.com/bid/5669/info PHP is a freely available, open source web scripting language package. It is available for Microsoft Windows, Linux, and Unix operating systems. It has been reported that a vulnerability in the PHP header function exists. It may be possible for ...