Описание
CRLF injection vulnerability in the Digest Authentication support for Microsoft Internet Explorer 7.0.5730.11 allows remote attackers to conduct HTTP response splitting attacks via a LF (%0a) in the username attribute.
CRLF injection vulnerability in the Digest Authentication support for Microsoft Internet Explorer 7.0.5730.11 allows remote attackers to conduct HTTP response splitting attacks via a LF (%0a) in the username attribute.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-2291
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33978
- http://securityreason.com/securityalert/2654
- http://www.securityfocus.com/archive/1/466906/100/0/threaded
- http://www.securityfocus.com/bid/23668
- http://www.securitytracker.com/id?1017969
- http://www.wisec.it/vulns.php?id=11
EPSS
Процентиль: 97%
0.40389
Средний
CVE ID
Связанные уязвимости
nvd
почти 19 лет назад
CRLF injection vulnerability in the Digest Authentication support for Microsoft Internet Explorer 7.0.5730.11 allows remote attackers to conduct HTTP response splitting attacks via a LF (%0a) in the username attribute.
EPSS
Процентиль: 97%
0.40389
Средний