CVE-2002-1783
N/A
N/A
Summary
CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0132.html
- http://www.securityfocus.com/bid/5681
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10080
- http://www.debian.org/security/2002/dsa-168
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0086.html
References
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0132.html
- http://www.securityfocus.com/bid/5681
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10080
- http://www.debian.org/security/2002/dsa-168
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0086.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.