CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-06-28T04:00:00
Updated: 2024-08-08T03:34:56.169Z
Reserved: 2005-06-29T00:00:00
Link: CVE-2002-1783
Vulnrichment
No data.
NVD
Status : Modified
Published: 2002-12-31T05:00:00.000
Modified: 2024-11-20T23:42:06.960
Link: CVE-2002-1783
Redhat
No data.