New Search

HP-UX running Apache Remote Arbitrary Code Execution Cross Site Scripting (XSS)

oval:org.mitre.oval:def:6067

CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character which causes a regular expression to ignore the subsequent part of the address string.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2007-1900
Product(s):