Уязвимость CVE-2011-1398

Релиз	Статус	Примечание
devel	not-affected	5.4.6-1ubuntu1
hardy	released	5.2.4-2ubuntu5.26
lucid	released	5.3.2-1ubuntu4.18
natty	released	5.3.5-1ubuntu7.11
oneiric	released	5.3.6-13ubuntu3.9
precise	released	5.3.10-1ubuntu3.4
upstream	needs-triage

CVE-2011-1398

redhat

больше 13 лет назад

The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.

CVE-2011-1398

nvd

почти 13 лет назад

The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.

CVE-2011-1398

debian

почти 13 лет назад

The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5. ...

GHSA-g6fq-45x6-cmh4

github

около 3 лет назад

The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.

ELSA-2013-0514

oracle-oval

больше 12 лет назад

ELSA-2013-0514: php security, bug fix and enhancement update (MODERATE)

exploitDog

CVE-2011-1398

Описание

Ссылки на источники

Связанные уязвимости

CVE-2011-1398

Описание

Пакет php5

Ссылки на источники

Связанные уязвимости