SecuritySpace - CVE-2013-1647

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2013-1647

Description: Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter, as demonstrated by (1) the location parameter to ajax/redirect or (2) multiple infostore URIs.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-1647
Bugtraq: 20130313 Open-Xchange Security Advisory 2013-03-13 (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2013-03/0075.html

CVE ID:	CVE-2013-1647
Description:	Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter, as demonstrated by (1) the location parameter to ajax/redirect or (2) multiple infostore URIs.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1647 Bugtraq: 20130313 Open-Xchange Security Advisory 2013-03-13 (Google Search) http://archives.neohapsis.com/archives/bugtraq/2013-03/0075.html