CVE-2009-1357

Published: Apr 23, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

CRLF injection vulnerability in da/DA/Login in Sun Java System Delegated Administrator 6.2 through 6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the HELP_PAGE parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

1022108

vdb-entry

x_refsource_SECTRACK

255928

vendor-advisory

x_refsource_SUNALERT

34643

vdb-entry

x_refsource_BID

20090421 CORE-2009-0114 - HTTP Response Splitting vulnerability in Sun Delegated Administrator

mailing-list

x_refsource_BUGTRAQ

34760

third-party-advisory

x_refsource_SECUNIA

http://sunsolve.sun.com/search/document.do?assetkey=1-21-121581-20-1

x_refsource_CONFIRM

1020305

vendor-advisory

x_refsource_SUNALERT

ADV-2009-1122

vdb-entry

x_refsource_VUPEN

sjs-delegated-login-response-splitting(50004)

vdb-entry

x_refsource_XF

http://www.coresecurity.com/content/sun-delegated-administrator

x_refsource_MISC

53920

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-1357

Description

Affected Products

References