CVE-2007-5614 Vulnerability in maven package org.mortbay.jetty:jetty

Description

Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.

Remediation

References

http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt

http://www.kb.cert.org/vuls/id/438616

http://www.securityfocus.com/bid/26695

http://secunia.com/advisories/27925

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html

http://secunia.com/advisories/30941

http://osvdb.org/42496

http://secunia.com/advisories/35143

Related Vulnerabilities

CVE-2022-23437 Vulnerability in maven package xerces:xercesimpl

CVE-2020-15174 Vulnerability in maven package org.webjars.npm:electron

CVE-2020-5251 Vulnerability in npm package parse-server

CVE-2023-37277 Vulnerability in maven package org.xwiki.platform:xwiki-platform-rest-server

CVE-2015-8861 Vulnerability in npm package handlebars

Severity

Critical

Description

Remediation

References

Related Vulnerabilities

Severity

Tags

Take action and discover your vulnerabilities