Back to search
CVE-2002-1783
Published: Jun 28, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20020912 Re: PHP fopen() CRLF Injection
mailing-list
x_refsource_BUGTRAQ
5681
vdb-entry
x_refsource_BID
php-fopen-crlf-injection(10080)
vdb-entry
x_refsource_XF
DSA-168
vendor-advisory
x_refsource_DEBIAN
20020909 PHP fopen() CRLF Injection
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now