Description

CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions.

Remediation

References

CVE-2002-1783

Related Vulnerabilities

Oracle JRE CVE-2013-2443 Vulnerability (CVE-2013-2443)

Apache Tomcat Improper Input Validation Vulnerability (CVE-2013-4322)

WordPress Plugin Software License Manager Cross-Site Scripting (4.4.9)

WebLogic CVE-2018-1313 Vulnerability (CVE-2018-1313)

WordPress Plugin GD Rating System Cross-Site Scripting (2.0.2)

Severity

Medium

Classification

CVE-2002-1783

Tags

Missing Update Known Vulnerabilities