CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2008-09-04 10:41
Updated : 2018-10-11 13:50
NVD link : CVE-2008-3906
Mitre link : CVE-2008-3906
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
mono_project
- mono
mono
- mono