Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0202

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-0202
Last Modified 22 Oct 2008 01:44:13
Published 09 Jan 2008 07:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0202

Summary

CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter.

Vulnerable Systems

Application

  • Expressionengine 1.2.1


References

BID - 27128

BUGTRAQ - 20080103 securityvulns.com russian vulnerabilities digest

MISC - http://websecurity.com.ua/1454/

MISC - http://securityvulns.ru/Sdocument472.html

SREASON - 3539


Last Updated: 27 May 2016 10:46:42