CVE-2008-3906

Published: Sep 4, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

30867

vdb-entry

x_refsource_BID

mono-sysweb-xss(44740)

vdb-entry

x_refsource_XF

36494

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20080827 CVE request: mono Sys.Web header injection

mailing-list

x_refsource_MLIST

ADV-2008-2443

vdb-entry

x_refsource_VUPEN

20080930 rPSA-2008-0286-1 mono

mailing-list

x_refsource_BUGTRAQ

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0286

x_refsource_CONFIRM

https://bugzilla.novell.com/show_bug.cgi?id=418620

x_refsource_CONFIRM

USN-826-1

vendor-advisory

x_refsource_UBUNTU

31643

third-party-advisory

x_refsource_SECUNIA

MDVSA-2008:210

vendor-advisory

x_refsource_MANDRIVA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2008-3906

Description

Affected Products

References