Уязвимость разделения HTTP-ответов в Mozilla Firefox, Thunderbird и SeaMonkey из-за некорректной обработки HTTP-заголовков
Описание
Уязвимость, обнаруженная в Mozilla Firefox, Thunderbird и SeaMonkey, связана с некорректной обработкой HTTP-ответов, содержащих несколько заголовков Location, Content-Length или Content-Disposition. Это облегчает удалённым злоумышленникам проведение атак разделения HTTP-ответов (HTTP Response Splitting) через специально созданные значения заголовков.
Затронутые версии ПО
- Mozilla Firefox до версии 3.6.23 и 4.x через 6
- Thunderbird до версии 7.0
- SeaMonkey до версии 2.4
Тип уязвимости
Разделение HTTP-ответов (HTTP Response Splitting)
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | seamonkey | Affected | ||
| Red Hat Enterprise Linux 4 | thunderbird | Affected | ||
| Red Hat Enterprise Linux Extended Update Support 5.7 | firefox | Affected | ||
| Red Hat Enterprise Linux Extended Update Support 5.7 | thunderbird | Affected | ||
| Red Hat Enterprise Linux Extended Update Support 6.1 | firefox | Affected | ||
| Red Hat Enterprise Linux Extended Update Support 6.1 | thunderbird | Affected | ||
| Red Hat Enterprise Linux 4 | firefox | Fixed | RHSA-2011:1341 | 28.09.2011 |
| Red Hat Enterprise Linux 5 | firefox | Fixed | RHSA-2011:1341 | 28.09.2011 |
| Red Hat Enterprise Linux 5 | xulrunner | Fixed | RHSA-2011:1341 | 28.09.2011 |
| Red Hat Enterprise Linux 6 | firefox | Fixed | RHSA-2011:1341 | 28.09.2011 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7. ...
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values.
EPSS
6.8 Medium
CVSS2