CVE-2007-4164

HIGH Year: 2007
CVSS v2 Score
7.5
High
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 before 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and escape is disabled, or an Error directive uses the url-prefix parameter in obj.conf, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks.

Related Vulnerabilities

CVE-2016-8284

LOW
CVSS:1.8(Low)

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.

NVD-CWE-Other2016

CVE-2017-10122

LOW
CVSS:1.8(Low)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high p...

NVD-CWE-Other2017

CVE-2018-3270

LOW
CVSS:1.8(Low)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privi...

NVD-CWE-Other2018

CVE-2019-3008

LOW
CVSS:1.8(Low)

Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDAP Library). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacke...

NVD-CWE-Other2019

CVE-2021-2147

LOW
CVSS:1.8(Low)

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows high...

NVD-CWE-Other2021

CVE-2021-35618

LOW
CVSS:1.8(Low)

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high priv...

NVD-CWE-Other2021