CVE-2013-2950

by Fred · 03/06/2013

CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6.1.0.3 CF26, 6.1.5.x before 6.1.5 CF26, 7.0.0.x before 7.0.0.2 CF21, and 8.0.0.x through 8.0.0.1 CF5, when home substitution (aka uri.home.substitution) is enabled, allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Date published : 2013-06-03

http://www-01.ibm.com/support/docview.wss?uid=swg1PM85071

http://www-01.ibm.com/support/docview.wss?uid=swg21638864

CVE-2013-2950

Similar

Recent Posts

Categories

CVE-2013-2950

Share this:

Similar

Recent Posts

Categories

Tags