CVE-2007-2292

Priority
Description
CRLF injection vulnerability in the Digest Authentication support for
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote
attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in
the username attribute.
Notes
Package
Upstream:released (2.0.0.8)
Package
Upstream:needs-triage
Package
Upstream:released (2.0.0.8)
More Information

Updated: 2019-12-05 20:42:58 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)