11 Avr 2016
CVE-2016-3166 Vulnerability
CRLF injection vulnerability in the drupal_set_header function in Drupal 6.x before 6.38, when used with PHP before 5.1.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by leveraging a module that allows user-submitted data to appear in HTTP headers. (CVSS:4.3) (Last Update:2016-04-12)
Vulnerability Details : CRLF injection vulnerability in the drupal_set_header function in Drupal 6.x before 6.38, when used with PHP before 5.1.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by leveraging a module that allows user-submitted data to appear in HTTP headers. Publish Date : 2016-04-12 Last Update Date : 2016-04-12 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2016-3166- Number Of Affected Versions By Product
- References For CVE-2016-3166
| |||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-3166There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |