CVE-2007-5614 Vulnerability in maven package org.mortbay.jetty:jetty

Description

Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.

Remediation

References

http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt

http://www.kb.cert.org/vuls/id/438616

http://www.securityfocus.com/bid/26695

http://secunia.com/advisories/27925

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html

http://secunia.com/advisories/30941

http://osvdb.org/42496

http://secunia.com/advisories/35143

Related Vulnerabilities

CVE-2013-6448 Vulnerability in maven package org.jboss.seam:jboss-seam-remoting

CVE-2018-11775 Vulnerability in maven package org.apache.activemq:activemq-broker

CVE-2010-2276 Vulnerability in npm package dojo

CVE-2017-16038 Vulnerability in npm package f2e-server

CVE-2022-25898 Vulnerability in maven package org.webjars.npm:jsrsasign

Severity

Critical

Description

Remediation

References

Related Vulnerabilities

Severity

Tags

Take action and discover your vulnerabilities