CVE-2007-2292
CVSS v2.0
4.3 (Medium)
EPSS
8.94 % (95th)
Affected Products
3
Advisories
8
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
Weaknesses
- CWE-20
- Improper Input Validation
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2007-04-26 20:19:00
(17 years ago) - Updated Date
-
2021-07-23 15:05:45
(3 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...