Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2007-2292

Disclosure Date: April 26, 2007
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

References

Advisory

Additional Info

Technical Analysis