Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2006-5330
Description:CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. NOTE: the flexibility of the attack varies depending on the type of web browser being used.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2006-5330
BugTraq ID: 20592
Bugtraq: 20061017 Rapid7 Advisory R7-0026: HTTP Header Injection Vulnerabilities in the Flash Player Plugin (Google Search)
Cert/CC Advisory: TA07-072A
RedHat Security Advisories: RHSA-2007:0009
SuSE Security Announcement: SUSE-SA:2006:077 (Google Search)
XForce ISS Database: flashplayer-multiple-xsrf(29634)

© 1998-2021 E-Soft Inc. All rights reserved.