Interchange HTTP Response Splitting Vulnerability Network Vulnerability

Summary

Interchange is prone to an HTTP response-splitting vulnerability. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust. Interchange versions prior to 5.6.3 and 5.4.5 are vulnerable.

Solution

This issue has been addressed in Interchange 5.4.5 and 5.6.3.

References

http://www.icdevgroup.org/i/dev/index.html
http://www.icdevgroup.org/i/dev/news?mv_arg=00042
http://www.securityfocus.com/bid/38960

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N

Related Vulnerabilities

MantisBT 'adm_config_report.php' Cross-Site Scripting Vulnerability - January15
Axis Commerce HTML Injection Vulnerability
phpLDAPadmin 'server_id' Parameter Cross Site Scripting Vulnerabilities
IBM WebSphere Application Server SIP Logging Information Disclosure Vulnerability
Alpha Networks ADSL2/2+ Wireless Router version ASL-26555 Password Information Disclosure Vulnerability

Take action and discover your vulnerabilities