ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Plone | Plone | * | 4.2.2 (including) |
Plone | Plone | 1.0 (including) | 1.0 (including) |
Plone | Plone | 1.0.1 (including) | 1.0.1 (including) |
Plone | Plone | 1.0.2 (including) | 1.0.2 (including) |
Plone | Plone | 1.0.3 (including) | 1.0.3 (including) |
Plone | Plone | 1.0.4 (including) | 1.0.4 (including) |
Plone | Plone | 1.0.5 (including) | 1.0.5 (including) |
Plone | Plone | 1.0.6 (including) | 1.0.6 (including) |
Plone | Plone | 2.0 (including) | 2.0 (including) |
Plone | Plone | 2.0.1 (including) | 2.0.1 (including) |
Plone | Plone | 2.0.2 (including) | 2.0.2 (including) |
Plone | Plone | 2.0.3 (including) | 2.0.3 (including) |
Plone | Plone | 2.0.4 (including) | 2.0.4 (including) |
Plone | Plone | 2.0.5 (including) | 2.0.5 (including) |
Plone | Plone | 2.1 (including) | 2.1 (including) |
Plone | Plone | 2.1.1 (including) | 2.1.1 (including) |
Plone | Plone | 2.1.2 (including) | 2.1.2 (including) |
Plone | Plone | 2.1.3 (including) | 2.1.3 (including) |
Plone | Plone | 2.1.4 (including) | 2.1.4 (including) |
Plone | Plone | 2.5 (including) | 2.5 (including) |
Plone | Plone | 2.5.1 (including) | 2.5.1 (including) |
Plone | Plone | 2.5.2 (including) | 2.5.2 (including) |
Plone | Plone | 2.5.3 (including) | 2.5.3 (including) |
Plone | Plone | 2.5.4 (including) | 2.5.4 (including) |
Plone | Plone | 2.5.5 (including) | 2.5.5 (including) |
Plone | Plone | 3.0 (including) | 3.0 (including) |
Plone | Plone | 3.0.1 (including) | 3.0.1 (including) |
Plone | Plone | 3.0.2 (including) | 3.0.2 (including) |
Plone | Plone | 3.0.3 (including) | 3.0.3 (including) |
Plone | Plone | 3.0.4 (including) | 3.0.4 (including) |
Plone | Plone | 3.0.5 (including) | 3.0.5 (including) |
Plone | Plone | 3.0.6 (including) | 3.0.6 (including) |
Plone | Plone | 3.1 (including) | 3.1 (including) |
Plone | Plone | 3.1.1 (including) | 3.1.1 (including) |
Plone | Plone | 3.1.2 (including) | 3.1.2 (including) |
Plone | Plone | 3.1.3 (including) | 3.1.3 (including) |
Plone | Plone | 3.1.4 (including) | 3.1.4 (including) |
Plone | Plone | 3.1.5.1 (including) | 3.1.5.1 (including) |
Plone | Plone | 3.1.6 (including) | 3.1.6 (including) |
Plone | Plone | 3.1.7 (including) | 3.1.7 (including) |
Plone | Plone | 3.2 (including) | 3.2 (including) |
Plone | Plone | 3.2.1 (including) | 3.2.1 (including) |
Plone | Plone | 3.2.2 (including) | 3.2.2 (including) |
Plone | Plone | 3.2.3 (including) | 3.2.3 (including) |
Plone | Plone | 3.3 (including) | 3.3 (including) |
Plone | Plone | 3.3.1 (including) | 3.3.1 (including) |
Plone | Plone | 3.3.2 (including) | 3.3.2 (including) |
Plone | Plone | 3.3.3 (including) | 3.3.3 (including) |
Plone | Plone | 3.3.4 (including) | 3.3.4 (including) |
Plone | Plone | 3.3.5 (including) | 3.3.5 (including) |
Plone | Plone | 4.0 (including) | 4.0 (including) |
Plone | Plone | 4.0.1 (including) | 4.0.1 (including) |
Plone | Plone | 4.0.2 (including) | 4.0.2 (including) |
Plone | Plone | 4.0.3 (including) | 4.0.3 (including) |
Plone | Plone | 4.0.4 (including) | 4.0.4 (including) |
Plone | Plone | 4.0.5 (including) | 4.0.5 (including) |
Plone | Plone | 4.0.6.1 (including) | 4.0.6.1 (including) |
Plone | Plone | 4.1 (including) | 4.1 (including) |
Plone | Plone | 4.1.4 (including) | 4.1.4 (including) |
Plone | Plone | 4.1.5 (including) | 4.1.5 (including) |
Plone | Plone | 4.1.6 (including) | 4.1.6 (including) |
Plone | Plone | 4.2 (including) | 4.2 (including) |
Plone | Plone | 4.2-a1 (including) | 4.2-a1 (including) |
Plone | Plone | 4.2-a2 (including) | 4.2-a2 (including) |
Plone | Plone | 4.2-b1 (including) | 4.2-b1 (including) |
Plone | Plone | 4.2-b2 (including) | 4.2-b2 (including) |
Plone | Plone | 4.2-rc1 (including) | 4.2-rc1 (including) |
Plone | Plone | 4.2-rc2 (including) | 4.2-rc2 (including) |
Plone | Plone | 4.2.0.1 (including) | 4.2.0.1 (including) |
Plone | Plone | 4.2.1 (including) | 4.2.1 (including) |
Plone | Plone | 4.2.1.1 (including) | 4.2.1.1 (including) |
Plone | Plone | 4.3 (including) | 4.3 (including) |
Red Hat Enterprise Linux 5 | RedHat | conga-0:0.12.2-81.el5 | * |