Description

CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Windows NT and Windows 2000 allows remote attackers to modify arbitrary uppercase environment variables via a \n (newline) character in an HTTP header.

Remediation

References

CVE-2011-5279

Related Vulnerabilities

WordPress Plugin Campaign Press Cross-Site Scripting (1.0.5)

WordPress Plugin Auto Prune Posts Cross-Site Request Forgery (1.8.0)

MySQL CVE-2020-14550 Vulnerability (CVE-2020-14550)

WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.1)

PHP unspecified remote arbitrary file upload vulnerability

Severity

Medium

Classification

CVE-2011-5279

Tags

Missing Update Known Vulnerabilities