Description

Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.

Remediation

References

CVE-2001-0902

Related Vulnerabilities

WordPress Plugin WPS Hide Login Multiple Security Bypass Vulnerabilities (1.5.2.2)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-23179)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-10095)

WordPress Plugin CAC Featured Content TimThumb Arbitrary File Upload (0.8)

Phusion Passenger Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2013-4136)

Severity

High

Classification

CVE-2001-0902

Tags

Missing Update Known Vulnerabilities