DescriptionCRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 22.214.171.124 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SA:2007:057, published Thu, 25 Oct 2007 18:00:00 +0000
SUSE Timeline for this CVECVE page created: Fri Jun 28 03:17:44 2013
CVE page last modified: Fri Oct 7 12:45:36 2022