|
|
CVE Reference: CVE-2007-5595 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-5595 |
|
|
Description: CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x before 4.7.8 and 5.x before 5.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/37264 SAID Secunia Advisory: SA27292 Secunia Advisory: SA27352 FEDORA CONFIRM http://drupal.org/node/184315 BID 26119 |
|
| Return to the previous page. |
