header-logo
Suggest Exploit
vendor:
PHP
by:
Unknown
5.5
CVSS
MEDIUM
HTTP Response Header Injection
79
CWE
Product Name: PHP
Affected Version From: PHP 5.2.3
Affected Version To: PHP 5.2.3 and prior versions, PHP 4.4.7 and prior versions
Patch Exists: YES
Related CWE: CVE-2007-1864
CPE: a:php:php
Metasploit: https://www.rapid7.com/db/vulnerabilities/php-cve-2007-1864/https://www.rapid7.com/db/vulnerabilities/linuxrpm-CESA-2007-0349/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2007-1864/https://www.rapid7.com/db/vulnerabilities/suse-cve-2007-1864/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2007-0348/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2007-0349/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2007-0355/https://www.rapid7.com/db/vulnerabilities/linuxrpm-CESA-2007-0348/
Other Scripts:
Platforms Tested:
2007

HTTP Response Header Injection in PHP

PHP is prone to an HTTP-response-header-injection vulnerability because it fails to sanitize user-supplied input. An attacker can exploit this issue to inject additional cookie attributes into session cookies. This may lead to other attacks.

Mitigation:

To mitigate this vulnerability, it is recommended to sanitize and validate user-supplied input before using it in HTTP response headers.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24268/info

PHP is prone to an HTTP-response-header-injection vulnerability because it fails to sanitize user-supplied input.

An attacker can exploit this issue to inject additional cookie attributes into session cookies. This may lead to other attacks.

This issue affects PHP 5.2.3 (and prior versions) and PHP 4.4.7 (and prior versions). 

http://www.example.com/session.php/PHPSESSID=ID;INJECTED=ATTRIBUTE;/

Navigation

Suggest Exploit

Services By CQR