CVE-2007-5614 Vulnerability in maven package org.mortbay.jetty:jetty

Description

Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.

Remediation

References

http://osvdb.org/42496

http://secunia.com/advisories/27925

http://secunia.com/advisories/30941

http://secunia.com/advisories/35143

http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt

http://www.kb.cert.org/vuls/id/438616

http://www.securityfocus.com/bid/26695

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html

Related Vulnerabilities

CVE-2021-41182 Vulnerability in maven package org.webjars.npm:jquery-ui

CVE-2022-22965 Vulnerability in maven package org.springframework:spring-webflux

CVE-2023-34238 Vulnerability in npm package gatsby

CVE-2020-7743 Vulnerability in maven package org.webjars.bower:mathjs

CVE-2022-31191 Vulnerability in maven package org.dspace:dspace-jspui

Severity

Critical

Description

Remediation

References

Related Vulnerabilities

Severity

Tags

Take action and discover your vulnerabilities