Vulnerabilities > CVE-2016-0400 - HTTP Response Splitting vulnerability in IBM WebSphere eXtreme Scale
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. <a href="https://cwe.mitre.org/data/definitions/93.html">CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')</a>
Vulnerable Configurations
Exploit-Db
description | Windows 7 SP1 x86 - Privilege Escalation (MS16-014). CVE-2016-0400. Local exploit for win32 platform |
file | exploits/windows_x86/local/40039.cpp |
id | EDB-ID:40039 |
last seen | 2016-06-29 |
modified | 2016-06-29 |
platform | windows_x86 |
port | |
published | 2016-06-29 |
reporter | blomster81 |
source | https://www.exploit-db.com/download/40039/ |
title | Windows 7 SP1 x86 - Privilege Escalation MS16-014 |
type | local |
Packetstorm
data source | https://packetstormsecurity.com/files/download/137721/win7sp1-escalate.txt |
id | PACKETSTORM:137721 |
last seen | 2016-12-05 |
published | 2016-06-30 |
reporter | blomster81 |
source | https://packetstormsecurity.com/files/137721/Windows-7-SP1-x86-Privilege-Escalation.html |
title | Windows 7 SP1 x86 Privilege Escalation |