Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2007-2292

CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.

  • Published: Apr 26, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-2292
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

Software From Fixed in
mozilla / firefox - 2.0.0.8.x
mozilla / seamonkey - 1.1.5.x
microsoft / internet_explorer 7.0.5730.11 7.0.5730.11.x