← back
CVE-2005-3633

CVE-2005-3633

EPSS 2.0%
HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to inject arbitrary HTML headers via the sap-exiturl parameter.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=113156438708932&w=2http://secunia.com/advisories/17515/http://securityreason.com/securityalert/164https://exchange.xforce.ibmcloud.com/vulnerabilities/23030http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_HTTP_Response_Splitting_in_SAP_WAS.pdfhttp://www.osvdb.org/20714http://www.securityfocus.com/bid/15360/http://www.securitytracker.com/alerts/2005/Nov/1015174.htmlhttp://www.vupen.com/english/advisories/2005/2361