CVE Vulnerabilities

CVE-2005-3633

Published: Nov 16, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to inject arbitrary HTML headers via the sap-exiturl parameter.

Affected Software

Name Vendor Start Version End Version
Sap_web_application_server Sap 6.10 6.10
Sap_web_application_server Sap 6.20 6.20
Sap_web_application_server Sap 6.40 6.40
Sap_web_application_server Sap 7.0 7.0

References