CVE-2007-4164 in Java System Web Serverالمعلومات

الملخص

بحسب MITRE

CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 before 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and escape is disabled, or an Error directive uses the url-prefix parameter in obj.conf, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

حجز

07/08/2007

إفشاء

07/08/2007

الاعتدال

تمت الموافقة

إدخال

VDB-38175

EPSS

0.02465

KEV

لا

النشاطات

منخفض جدًا

المصادر

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!