This CVE name corresponds to:
2012-09-05: php5 -- header splitting attack via carriage-return character
The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.
The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.
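A defender-side illustration of the gap the entry describes, written as an added example for this page and not code from the CVE record or the PHP project: before PHP 5.3.11, header() rejected a line feed in a value but not a lone carriage return (%0D after URL decoding), so a caller that forwarded untrusted input into a header could still produce a split response in browsers that treat CR as a line terminator. The wrapper below (function names are my own) refuses any header value containing either CR or LF before handing it to header(), which is the application-level check to pair with upgrading to a fixed PHP.

```php
<?php
// Added example: reject CR and LF in header values before calling header().
// The CVE text above notes that affected PHP versions did not check for %0D
// (carriage return), only for line feed, so a lone CR could still split the
// response. Hypothetical helper names; constructed sample inputs below.

function safe_header_value(string $name, string $value): string
{
    // Header names must be tokens; values must contain neither CR nor LF.
    if (!preg_match('/^[!#$%&\'*+\-.^_`|~0-9A-Za-z]+$/', $name)) {
        throw new InvalidArgumentException("invalid header name");
    }
    if (preg_match('/[\r\n]/', $value)) {
        throw new InvalidArgumentException("CR or LF in value of header $name");
    }
    return $value;
}

function send_header(string $name, string $value): void
{
    // Only reached when the value passed the CR/LF check above.
    header($name . ': ' . safe_header_value($name, $value));
}

// Constructed inputs, as they would look after PHP has URL-decoded $_GET:
// a clean URL, a CRLF sequence (always rejected by PHP's own check), and a
// lone CR (the case affected PHP versions let through).
$inputs = [
    'https://example.com/ok',
    "https://example.com/\r\nX-Injected: 1",
    "https://example.com/\rX-Injected: 1",
];

foreach ($inputs as $in) {
    try {
        safe_header_value('Location', $in);
        echo "accepted: " . addcslashes($in, "\r\n") . "\n";
    } catch (InvalidArgumentException $e) {
        echo "rejected: " . $e->getMessage() . "\n";
    }
}
```

The check runs on the decoded value, which is what PHP hands to the script; checking for the literal string "%0D" instead would miss a CR that arrived already decoded. Only the first input is accepted; the last two are rejected regardless of which PHP version runs the script.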
References:
MLIST: [internals] 20120203 [PHP-DEV] The case of HTTP response splitting protection in PHP
MLIST: [oss-security] 20120829 php header() header injection detection bypass
MLIST: [oss-security] 20120905 Re: php header() header injection detection bypass
Copyright © 2005 The MITRE Corporation.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.