CVE-2004-1470

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server.

Ссылки

http://marc.info/?l=bugtraq&m=109518773223511&w=2
http://www.gentoo.org/security/en/glsa/glsa-200409-23.xml
Patch
http://www.securityfocus.com/bid/11180
Exploit
Patch
http://www.snipsnap.org/space/start
https://exchange.xforce.ibmcloud.com/vulnerabilities/17364
http://marc.info/?l=bugtraq&m=109518773223511&w=2
http://www.gentoo.org/security/en/glsa/glsa-200409-23.xml
Patch
http://www.securityfocus.com/bid/11180
Exploit
Patch
http://www.snipsnap.org/space/start
https://exchange.xforce.ibmcloud.com/vulnerabilities/17364

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:snipsnap:snipsnap:0.5.2a:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05863

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-fm3x-39m6-8qfx

github

больше 3 лет назад