4.3
CVE-2003-1338
- EPSS 0.36%
- Veröffentlicht 31.12.2003 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Aprelium Technologies ≫ Abyss Web Server Version <= 1.1.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.36% | 0.57 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|