Vulnerability Description
CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Comersus Open Technologies | Comersus Cart | 5.0.991 |
References
- http://marc.info/?l=bugtraq&m=109405777905519&w=2
- http://www.securityfocus.com/bid/11083ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17201
- http://marc.info/?l=bugtraq&m=109405777905519&w=2
- http://www.securityfocus.com/bid/11083ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17201
FAQ
What is CVE-2004-1656?
CVE-2004-1656 is a vulnerability with a CVSS score of 5.0 (MEDIUM). CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl par...
How severe is CVE-2004-1656?
CVE-2004-1656 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1656?
Check the references section above for vendor advisories and patch information. Affected products include: Comersus Open Technologies Comersus Cart.