GSD-2006-5330

Vulnerability from gsd - Updated: 2023-12-13 01:19
Details
CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. NOTE: the flexibility of the attack varies depending on the type of web browser being used.
Aliases
Aliases
CVE-2006-5330
To clipboard 

{
  "GSD": {
    "alias": "CVE-2006-5330",
    "description": "CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType.  NOTE: the flexibility of the attack varies depending on the type of web browser being used.",
    "id": "GSD-2006-5330",
    "references": [
      "https://www.suse.com/security/cve/CVE-2006-5330.html",
      "https://access.redhat.com/errata/RHSA-2007:0009"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-5330"
      ],
      "details": "CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType.  NOTE: the flexibility of the attack varies depending on the type of web browser being used.",
      "id": "GSD-2006-5330",
      "modified": "2023-12-13T01:19:56.552704Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-5330",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType.  NOTE: the flexibility of the attack varies depending on the type of web browser being used."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.adobe.com/support/security/advisories/apsa06-01.html",
            "refsource": "CONFIRM",
            "url": "http://www.adobe.com/support/security/advisories/apsa06-01.html"
          },
          {
            "name": "TA07-072A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
          },
          {
            "name": "102932",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102932-1"
          },
          {
            "name": "22467",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/22467"
          },
          {
            "name": "APPLE-SA-2007-03-13",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
          },
          {
            "name": "RHSA-2007:0009",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0009.html"
          },
          {
            "name": "http://docs.info.apple.com/article.html?artnum=305214",
            "refsource": "CONFIRM",
            "url": "http://docs.info.apple.com/article.html?artnum=305214"
          },
          {
            "name": "23324",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/23324"
          },
          {
            "name": "flashplayer-multiple-xsrf(29634)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29634"
          },
          {
            "name": "SUSE-SA:2006:077",
            "refsource": "SUSE",
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0006.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11405",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11405"
          },
          {
            "name": "25467",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25467"
          },
          {
            "name": "ADV-2006-4094",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/4094"
          },
          {
            "name": "29863",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/29863"
          },
          {
            "name": "http://www.adobe.com/support/security/bulletins/apsb06-18.html",
            "refsource": "CONFIRM",
            "url": "http://www.adobe.com/support/security/bulletins/apsb06-18.html"
          },
          {
            "name": "http://www.rapid7.com/advisories/R7-0026.jsp",
            "refsource": "MISC",
            "url": "http://www.rapid7.com/advisories/R7-0026.jsp"
          },
          {
            "name": "20592",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/20592"
          },
          {
            "name": "ADV-2007-0930",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/0930"
          },
          {
            "name": "1737",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/1737"
          },
          {
            "name": "ADV-2007-1999",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/1999"
          },
          {
            "name": "23581",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/23581"
          },
          {
            "name": "20061017 Rapid7 Advisory R7-0026: HTTP Header Injection Vulnerabilities in the Flash Player Plugin",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/448997/100/0/threaded"
          },
          {
            "name": "1017078",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1017078"
          },
          {
            "name": "24479",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/24479"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:linux:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0.63",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:solaris:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0_r67",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:windows:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.0.16",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:mac_os_x:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.0.28.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5330"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType.  NOTE: the flexibility of the attack varies depending on the type of web browser being used."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.rapid7.com/advisories/R7-0026.jsp",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.rapid7.com/advisories/R7-0026.jsp"
            },
            {
              "name": "http://www.adobe.com/support/security/advisories/apsa06-01.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.adobe.com/support/security/advisories/apsa06-01.html"
            },
            {
              "name": "20592",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/20592"
            },
            {
              "name": "1017078",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1017078"
            },
            {
              "name": "22467",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/22467"
            },
            {
              "name": "29863",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/29863"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb06-18.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.adobe.com/support/security/bulletins/apsb06-18.html"
            },
            {
              "name": "SUSE-SA:2006:077",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0006.html"
            },
            {
              "name": "23324",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/23324"
            },
            {
              "name": "RHSA-2007:0009",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0009.html"
            },
            {
              "name": "23581",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/23581"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=305214",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://docs.info.apple.com/article.html?artnum=305214"
            },
            {
              "name": "24479",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24479"
            },
            {
              "name": "APPLE-SA-2007-03-13",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
            },
            {
              "name": "102932",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102932-1"
            },
            {
              "name": "TA07-072A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
            },
            {
              "name": "25467",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/25467"
            },
            {
              "name": "1737",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/1737"
            },
            {
              "name": "ADV-2007-0930",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/0930"
            },
            {
              "name": "ADV-2006-4094",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/4094"
            },
            {
              "name": "ADV-2007-1999",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/1999"
            },
            {
              "name": "flashplayer-multiple-xsrf(29634)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29634"
            },
            {
              "name": "oval:org.mitre.oval:def:11405",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11405"
            },
            {
              "name": "20061017 Rapid7 Advisory R7-0026: HTTP Header Injection Vulnerabilities in the Flash Player Plugin",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/448997/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-17T21:42Z",
      "publishedDate": "2006-10-17T21:07Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.