Lucene search
MitreCVE-2006-6965HistoryJan 29, 2007 - 5:28 p.m.
CVE-2006-6965
2007-01-2917:28:00
mitre
web.nvd.nist.gov
26
crlf injection
dokuwiki
cve-2006-6965
vulnerability
http response splitting
xss attacks
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.2
Confidence
High
EPSS
0.008
Percentile
82.3%
CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks.
Affected configurations
Node
andreas_gohrdokuwikiMatchrelease_2006-03-09
ORandreas_gohrdokuwikiMatchrelease_2006-03-09e
| Vendor | Product | Version | CPE |
|---|---|---|---|
| andreas_gohr | dokuwiki | release+2006-03-09 | cpe:/a:andreas_gohr:dokuwiki:release+2006-03-09::: |
| andreas_gohr | dokuwiki | release+2006-03-09e | cpe:/a:andreas_gohr:dokuwiki:release+2006-03-09e::: |
Related
ubuntucve
ubuntucve
CVE-2006-6965
2007-01-29 00:00:00
cvelist
cvelist
CVE-2006-6965
2007-01-29 17:00:00
gentoo
gentoo
DokuWiki: Cross-site scripting vulnerability
2007-04-12 00:00:00
nessus
nessus
GLSA-200704-08 : DokuWiki: XSS vulnerability
2007-04-19 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200704-08 (dokuwiki)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200704-08 (dokuwiki)
2008-09-24 00:00:00
debiancve
debiancve
CVE-2006-6965
2007-01-29 17:28:00
nvd
nvd
CVE-2006-6965
2007-01-29 17:28:00
securityvulns
securityvulns
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
6.2
Confidence
High
EPSS
0.008
Percentile
82.3%
Related for CVE-2006-6965