CVE-2016-1155

CVE-2016-1155

EPSS 1.8%

HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://android.googlesource.com/platform/external/okhttp/+/71b9f47b26fb57ac3e436a19519c6e3ec70e86eb https://jvn.jp/vu/JVNVU99757346/index.html http://www.securityfocus.com/bid/97662