Description

Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.

Remediation

References

CVE-2001-0902

Related Vulnerabilities

PHP-Fusion Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-14960)

Drupal Other Vulnerability (CVE-2022-25275)

Oracle Database Server CVE-2015-2595 Vulnerability (CVE-2015-2595)

WordPress Plugin AJS Instagram Feed Cross-Site Scripting (1.0)

MyBB Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-3071)

Severity

High

Classification

CVE-2001-0902

Tags

Missing Update Known Vulnerabilities