 | |
| |||||||
| Home | Register | Projects | Blogs | FAQ | Calendar | Search | Today's Posts | Mark Forums Read | Free Directory | Free DNSReport | Tags |
| Notices |
| Advisories Discuss about all newly security flaws classed by CVE entries and reviewed by security experts |
CVE-2008-1368 (Internet Explorer)This is a discussion on "CVE-2008-1368 (Internet Explorer)" within the Advisories part of the Computer Security: Discussions section; CRLF injection vulnerability in Microsoft Internet Explorer 5 and 6 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded CRLF (%0D%0A) before the FTP command, which causes the commands to be ... |
 |
| | LinkBack | Thread Tools | Display Modes |
18-03-08
| |||
| |||
 CVE-2008-1368 (Internet Explorer) CRLF injection vulnerability in Microsoft Internet Explorer 5 and 6 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded CRLF (%0D%0A) before the FTP command, which causes the commands to be inserted into an authenticated FTP connection established earlier in the same browser session, as demonstrated using a DELE command, a variant or possibly a regression of CVE-2004-1166. NOTE: a trailing "//" can force Internet Explorer to try to reuse an... More...  |
| Sponsor | ||
| ||
| |
|
| Thread Tools | |
| Display Modes | |
Linear Mode
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| CVE-2008-2926 (Internet Security Suite 2007, Internet Security Suite 2008, personal_f | Heap | Advisories | 0 | 13-08-08 14:39 |
| CVE-2008-1086 (Internet Explorer, windows-nt) | Heap | Advisories | 0 | 09-04-08 17:28 |
| CVE-2008-1545 (Internet Explorer) | Heap | Advisories | 0 | 31-03-08 15:22 |
| CVE-2008-0751 (Serendipity Freetag-plugin, Internet Explorer) | Heap | Advisories | 0 | 14-02-08 17:06 |
| CVE-2008-0077 (Internet Explorer) | Heap | Advisories | 0 | 13-02-08 18:25 |
