Описание
CRLF injection vulnerability in Akamai Download Manager ActiveX control before 2.2.3.6 allows remote attackers to force the download and execution of arbitrary files via a URL parameter containing an encoded LF followed by a malicious target line.
CRLF injection vulnerability in Akamai Download Manager ActiveX control before 2.2.3.6 allows remote attackers to force the download and execution of arbitrary files via a URL parameter containing an encoded LF followed by a malicious target line.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-1770
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42879
- https://www.exploit-db.com/exploits/5741
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-June/062672.html
- http://secunia.com/advisories/30537
- http://www.securityfocus.com/archive/1/493077/100/0/threaded
- http://www.securityfocus.com/archive/1/493142/100/0/threaded
- http://www.securitytracker.com/id?1020194
- http://www.vupen.com/english/advisories/2008/1746/references
Связанные уязвимости
nvd
больше 17 лет назад
CRLF injection vulnerability in Akamai Download Manager ActiveX control before 2.2.3.6 allows remote attackers to force the download and execution of arbitrary files via a URL parameter containing an encoded LF followed by a malicious target line.