CVE-2007-2292
published 2007-04-26CVE-2007-2292: CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to…
PriorityP427medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
12.74%
95.8th percentile
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| mozilla | firefox | <= 2.0.0.8 | — |
| mozilla | seamonkey | <= 1.1.5 | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat4.3MEDIUM
vendor_ubuntu4.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2007-10-23·CVSS 4.0
CVE-2006-2894 [MEDIUM] Thunderbird vulnerabilities
Title: Thunderbird vulnerabilities
Summary: Thunderbird vulnerabilities
Various flaws were discovered in the layout and JavaScript engines. By
tricking a user into opening a malicious web page, an attacker could
execute arbitrary code with the user's privileges. (CVE-2007-5339,
CVE-2007-5340)
Flaws were discovered in the file upload form control. By tricking
a user into opening a malicious web page, an attacker could force
arbitrary files from the user's computer to be uploaded without their
consent. (CVE-2006-2894, CVE-2007-3511)
Michal Zalewski discovered that the onUnload event handlers were
incorrectly able to access information outside the old page content. A
malicious web site could exploit this to modify the contents, or
steal confidential data (such as passwords), of the next l
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2007-10-22·CVSS 4.0
CVE-2007-5334 [MEDIUM] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Firefox vulnerabilities
Various flaws were discovered in the layout and JavaScript engines.
By tricking a user into opening a malicious web page, an attacker could
execute arbitrary code with the user's privileges. (CVE-2007-5336,
CVE-2007-5339, CVE-2007-5340)
Michal Zalewski discovered that the onUnload event handlers were
incorrectly able to access information outside the old page content.
A malicious web site could exploit this to modify the contents, or steal
confidential data (such as passwords), of the next loaded web page.
(CVE-2007-1095)
Stefano Di Paola discovered that Firefox did not correctly request
Digest Authentications. A malicious web site could exploit this to
inject arbitrary HTTP headers or perform session splitting attacks
aga
Red Hat
security flaw
vendor_redhat·2007-04-25·CVSS 4.3
CVE-2007-2292 [MEDIUM] security flaw
security flaw
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
GHSA
GHSA-jjpj-fj74-73gv: CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2
ghsa_unreviewed·2022-05-01
CVE-2007-2292 [MEDIUM] CWE-20 GHSA-jjpj-fj74-73gv: CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2007-2292 security flaw
bugzilla·2018-08-16·CVSS 4.3
CVE-2007-2292 [MEDIUM] CVE-2007-2292 security flaw
CVE-2007-2292 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
Bugzilla
Mozilla products security update (CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)
bugzilla·2007-10-16·CVSS 6.8
CVE-2007-1095 [MEDIUM] Mozilla products security update (CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)
Mozilla products security update (CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)
Here is a rough breakdown of the flaws grouped by type. The official
definition of these issues can be found on the upstream security page here:
http://www.mozilla.org/projects/security/known-vulnerabilities.html
Leveraging browser flaws, fooling users into possibly surrendering sensitive
information (Moderate):
CVE-2007-1095, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334
Malformed web content could result in the execution of arbitrary commands
(Critical):
CVE-2007-5336, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340
Digest Authentication requests can be used to conduct a response splitting
attack (Moderate):
CVE-2007-2292
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742http://secunia.com/advisories/27276http://secunia.com/advisories/27298http://secunia.com/advisories/27311http://secunia.com/advisories/27315http://secunia.com/advisories/27325http://secunia.com/advisories/27327http://secunia.com/advisories/27335http://secunia.com/advisories/27336http://secunia.com/advisories/27356http://secunia.com/advisories/27360http://secunia.com/advisories/27383http://secunia.com/advisories/27387http://secunia.com/advisories/27403http://secunia.com/advisories/27414http://secunia.com/advisories/27425http://secunia.com/advisories/27480http://secunia.com/advisories/27665http://secunia.com/advisories/27680http://secunia.com/advisories/28398http://securityreason.com/securityalert/2654http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.htmlhttp://www.debian.org/security/2007/dsa-1392http://www.debian.org/security/2007/dsa-1396http://www.debian.org/security/2007/dsa-1401http://www.gentoo.org/security/en/glsa/glsa-200711-14.xmlhttp://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202http://www.mozilla.org/security/announce/2007/mfsa2007-31.htmlhttp://www.novell.com/linux/security/advisories/2007_57_mozilla.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0979.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0980.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0981.htmlhttp://www.securityfocus.com/archive/1/466906/100/0/threadedhttp://www.securityfocus.com/archive/1/482876/100/200/threadedhttp://www.securityfocus.com/archive/1/482925/100/0/threadedhttp://www.securityfocus.com/archive/1/482932/100/200/threadedhttp://www.securityfocus.com/bid/23668http://www.securitytracker.com/id?1017968http://www.ubuntu.com/usn/usn-536-1http://www.vupen.com/english/advisories/2007/3544http://www.vupen.com/english/advisories/2007/3587http://www.vupen.com/english/advisories/2008/0083http://www.wisec.it/vulns.php?id=11https://bugzilla.mozilla.org/show_bug.cgi?id=378787https://exchange.xforce.ibmcloud.com/vulnerabilities/33981https://issues.rpath.com/browse/RPL-1858https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10195https://usn.ubuntu.com/535-1/https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.htmlhttps://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.htmlhttps://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.htmlhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742http://secunia.com/advisories/27276http://secunia.com/advisories/27298http://secunia.com/advisories/27311http://secunia.com/advisories/27315http://secunia.com/advisories/27325http://secunia.com/advisories/27327http://secunia.com/advisories/27335http://secunia.com/advisories/27336http://secunia.com/advisories/27356http://secunia.com/advisories/27360http://secunia.com/advisories/27383http://secunia.com/advisories/27387http://secunia.com/advisories/27403http://secunia.com/advisories/27414http://secunia.com/advisories/27425http://secunia.com/advisories/27480http://secunia.com/advisories/27665http://secunia.com/advisories/27680http://secunia.com/advisories/28398http://securityreason.com/securityalert/2654http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.htmlhttp://www.debian.org/security/2007/dsa-1392http://www.debian.org/security/2007/dsa-1396http://www.debian.org/security/2007/dsa-1401http://www.gentoo.org/security/en/glsa/glsa-200711-14.xmlhttp://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202http://www.mozilla.org/security/announce/2007/mfsa2007-31.htmlhttp://www.novell.com/linux/security/advisories/2007_57_mozilla.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0979.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0980.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0981.htmlhttp://www.securityfocus.com/archive/1/466906/100/0/threadedhttp://www.securityfocus.com/archive/1/482876/100/200/threadedhttp://www.securityfocus.com/archive/1/482925/100/0/threadedhttp://www.securityfocus.com/archive/1/482932/100/200/threadedhttp://www.securityfocus.com/bid/23668http://www.securitytracker.com/id?1017968http://www.ubuntu.com/usn/usn-536-1http://www.vupen.com/english/advisories/2007/3544http://www.vupen.com/english/advisories/2007/3587http://www.vupen.com/english/advisories/2008/0083http://www.wisec.it/vulns.php?id=11https://bugzilla.mozilla.org/show_bug.cgi?id=378787https://exchange.xforce.ibmcloud.com/vulnerabilities/33981https://issues.rpath.com/browse/RPL-1858https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10195
+ 4 more references
2007-04-26
Published