CVE-2007-4190 - CVE Reference - Advisories

CVE Reference: CVE-2007-4190

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-4190

Description: CRLF injection vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to inject arbitrary HTTP headers and probably conduct HTTP response splitting attacks via CRLF sequences in the url parameter. NOTE: this can be leveraged for cross-site scripting (XSS) attacks. NOTE: some of these details are obtained from third party information.

CVE Status: Candidate

References: SAID Secunia Advisory: SA26239 MISC http://www.joomla.org/content/view/3677/1/

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	CS-Cart "cs_cookies" SQL Injection Vulnerability

2.	Drupal Content Construction Kit Script Insertion Vulnerabilities

3.	HP OpenView Select Identity Connectors Information Disclosure

4.	Gentoo update for mysql

5.	Gentoo update for realplayer

6.	rPath update for libtiff

7.	3Com Wireless 8760 Access Point HTTP Request Processing Denial of Service

8.	Gentoo update for yelp

9.	Cisco ASA and PIX Security Appliances Multiple Vulnerabilities

10.	SUSE update for IBMJava5-JRE and java-1_5_0-ibm