Description

CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions.

Remediation

References

CVE-2002-1783

Related Vulnerabilities

WordPress Plugin Integration for Contact Form 7 and Constant Contact Cross-Site Scripting (1.0.8)

IBM RTC CVE-2018-1694 Vulnerability (CVE-2018-1694)

Oracle JRE CVE-2012-1717 Vulnerability (CVE-2012-1717)

Oracle JRE CVE-2018-2663 Vulnerability (CVE-2018-2663)

WordPress Plugin 360 Product Rotation Cross-Site Scripting (1.4.7)

Severity

Medium

Classification

CVE-2002-1783

Tags

Missing Update Known Vulnerabilities