Vulnerabilities

CVE-2011-2732

by Fred · 05/12/2012

CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter.

Date published : 2012-12-05

http://support.springsource.com/security/cve-2011-2732

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814

Similar

Tags: Cybersecurity Alert