Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 4.3
CVE Id CVE-2007-4190
Last Modified 07 Mar 2011 09:57:57
Published 07 Aug 2007 09:17:00
Confidentiality Impact NONE
Integrity Impact PARTIAL
Availability Impact NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4190

Summary

CRLF injection vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to inject arbitrary HTTP headers and probably conduct HTTP response splitting attacks via CRLF sequences in the url parameter. NOTE: this can be leveraged for cross-site scripting (XSS) attacks. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Joomla 1.0.12


References

SECUNIA - 26239

VUPEN - ADV-2007-2719

MISC - http://www.joomla.org/content/view/3677/1/

OSVDB - 38739


Last Updated: 27 May 2016 10:45:48