CVE-2009-4267

Summary

The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationjUDDI3.0.0 fixed in 3.0.1affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References