CVE-2007-4164

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 before 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and escape is disabled, or an Error directive uses the url-prefix parameter in obj.conf, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks.

Vulnerabilidad de inyección CRLF (retorno de carro y nueva línea) en la funcionalidad de redirección de Sun Java System Web SErver 6.1 y 7.0 anterior al 02/08/2007, cuando la Función de Aplicación de Servidor (SAF) redirect usa el parámetro url-prefix y escape está deshabilitado, o una directiva de Error usa el parámetro url-prefix en obj.conf, permite a atacantes remotos inyectar cabeceras HTTP de su elección y llevar a cabo ataques de división de respuesta HTTP.

*Credits: N/A

CVSS Scores

NISTv2 7.5

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-08-07 CVE Reserved
2007-08-07 CVE Published
2024-07-18 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source
http://www.securitytracker.com/id?1018504	Vdb Entry
http://www.vupen.com/english/advisories/2007/2766	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/35783	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://www.securityfocus.com/bid/25190	2017-07-29

URL	Date	SRC
http://secunia.com/advisories/26326	2017-07-29
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103003-1	2017-07-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Sun Search vendor "Sun"		Java System Web Server Search vendor "Sun" for product "Java System Web Server"				6.1 Search vendor "Sun" for product "Java System Web Server" and version "6.1"		-		Affected
Sun Search vendor "Sun"		Java System Web Server Search vendor "Sun" for product "Java System Web Server"				6.1 Search vendor "Sun" for product "Java System Web Server" and version "6.1"		sp1		Affected
Sun Search vendor "Sun"		Java System Web Server Search vendor "Sun" for product "Java System Web Server"				6.1 Search vendor "Sun" for product "Java System Web Server" and version "6.1"		sp2		Affected
Sun Search vendor "Sun"		Java System Web Server Search vendor "Sun" for product "Java System Web Server"				6.1 Search vendor "Sun" for product "Java System Web Server" and version "6.1"		sp3		Affected
Sun Search vendor "Sun"		Java System Web Server Search vendor "Sun" for product "Java System Web Server"				6.1 Search vendor "Sun" for product "Java System Web Server" and version "6.1"		sp4		Affected
Sun Search vendor "Sun"		Java System Web Server Search vendor "Sun" for product "Java System Web Server"				6.1 Search vendor "Sun" for product "Java System Web Server" and version "6.1"		sp5		Affected
Sun Search vendor "Sun"		Java System Web Server Search vendor "Sun" for product "Java System Web Server"				6.1 Search vendor "Sun" for product "Java System Web Server" and version "6.1"		sp6		Affected
Sun Search vendor "Sun"		Java System Web Server Search vendor "Sun" for product "Java System Web Server"				6.1 Search vendor "Sun" for product "Java System Web Server" and version "6.1"		sp7		Affected
Sun Search vendor "Sun"		Java System Web Server Search vendor "Sun" for product "Java System Web Server"				7.0 Search vendor "Sun" for product "Java System Web Server" and version "7.0"		-		Affected