CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers…
mitre·CWE-20·Published 2009-03-26
CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameters.
CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameters.
CRLF injection vulnerability in `bs_disp_as_mime_type.php` in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) `c_type` and possibly (2) `file_type` parameters.
CRLF injection vulnerability in `bs_disp_as_mime_type.php` in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) `c_type` and possibly (2) `file_type` parameters.
Vulnerabilidad de inyección CRLF en el archivo bs_disp_as_mime_type.php en la característica BLOB streaming en phpMyAdmin anteriores a v3.1.3.1 permite a los atacantes remotos inyectar arbitrariamente cabeceras HTTP y llevar a cabo ataques de separación de respuesta HTTP a través de los parámetros (1) c_type y posiblemente (2) file_type
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 7.5 | 10.0 | 6.4 | AV:N/AC:L/Au:N/C:P/I:P/A:P |