OpenCVE

Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Php	Php

Configuration 1 [-]

OR	cpe:2.3:a:php:php:5.0:rc1::::::
	cpe:2.3:a:php:php:5.0:rc2::::::
	cpe:2.3:a:php:php:5.0:rc3::::::
	cpe:2.3:a:php:php:5.0.0:::::::*
	cpe:2.3:a:php:php:5.0.1:::::::*
	cpe:2.3:a:php:php:5.0.2:::::::*
	cpe:2.3:a:php:php:5.0.3:::::::*
	cpe:2.3:a:php:php:5.0.4:::::::*
	cpe:2.3:a:php:php:5.0.5:::::::*
	cpe:2.3:a:php:php:5.1.0:::::::*
	cpe:2.3:a:php:php:5.1.1:::::::*

No data.

References

Link	Providers
http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html
http://secunia.com/advisories/18431
http://secunia.com/advisories/18697
http://secunia.com/advisories/19012
http://secunia.com/advisories/19179
http://secunia.com/advisories/19355
http://secunia.com/advisories/25945
http://securitytracker.com/id?1015484
http://www.debian.org/security/2007/dsa-1331
http://www.gentoo.org/security/en/glsa/glsa-200603-22.xml
http://www.hardened-php.net/advisory_012006.112.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:028
http://www.php.net/release_5_1_2.php
http://www.securityfocus.com/bid/16220
http://www.vupen.com/english/advisories/2006/0177
http://www.vupen.com/english/advisories/2006/0369
https://exchange.xforce.ibmcloud.com/vulnerabilities/24094
https://usn.ubuntu.com/261-1/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-01-13T23:00:00

Updated: 2024-08-07T16:25:33.999Z

Reserved: 2006-01-13T00:00:00

Link: CVE-2006-0207

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-01-13T23:03:00.000

Modified: 2024-11-21T00:05:55.420

Link: CVE-2006-0207

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-01-12T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-03T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "19355", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19355"}, {"name": "1015484", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015484"}, {"name": "USN-261-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/261-1/"}, {"name": "SUSE-SR:2006:004", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html"}, {"name": "18431", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18431"}, {"name": "ADV-2006-0369", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/0369"}, {"name": "ADV-2006-0177", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/0177"}, {"name": "19179", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19179"}, {"tags": ["x_refsource_MISC"], "url": "http://www.hardened-php.net/advisory_012006.112.html"}, {"name": "GLSA-200603-22", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-22.xml"}, {"name": "DSA-1331", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1331"}, {"name": "18697", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18697"}, {"name": "php-session-response-splitting(24094)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24094"}, {"name": "25945", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25945"}, {"name": "MDKSA-2006:028", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:028"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.php.net/release_5_1_2.php"}, {"name": "19012", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19012"}, {"name": "16220", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/16220"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-0207", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "19355", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19355"}, {"name": "1015484", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015484"}, {"name": "USN-261-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/261-1/"}, {"name": "SUSE-SR:2006:004", "refsource": "SUSE", "url": "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html"}, {"name": "18431", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18431"}, {"name": "ADV-2006-0369", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0369"}, {"name": "ADV-2006-0177", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0177"}, {"name": "19179", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19179"}, {"name": "http://www.hardened-php.net/advisory_012006.112.html", "refsource": "MISC", "url": "http://www.hardened-php.net/advisory_012006.112.html"}, {"name": "GLSA-200603-22", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-22.xml"}, {"name": "DSA-1331", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1331"}, {"name": "18697", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18697"}, {"name": "php-session-response-splitting(24094)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24094"}, {"name": "25945", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25945"}, {"name": "MDKSA-2006:028", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:028"}, {"name": "http://www.php.net/release_5_1_2.php", "refsource": "CONFIRM", "url": "http://www.php.net/release_5_1_2.php"}, {"name": "19012", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19012"}, {"name": "16220", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16220"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:25:33.999Z"}, "title": "CVE Program Container", "references": [{"name": "19355", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19355"}, {"name": "1015484", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015484"}, {"name": "USN-261-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/261-1/"}, {"name": "SUSE-SR:2006:004", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html"}, {"name": "18431", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18431"}, {"name": "ADV-2006-0369", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/0369"}, {"name": "ADV-2006-0177", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/0177"}, {"name": "19179", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19179"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.hardened-php.net/advisory_012006.112.html"}, {"name": "GLSA-200603-22", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-22.xml"}, {"name": "DSA-1331", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1331"}, {"name": "18697", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18697"}, {"name": "php-session-response-splitting(24094)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24094"}, {"name": "25945", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25945"}, {"name": "MDKSA-2006:028", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:028"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.php.net/release_5_1_2.php"}, {"name": "19012", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19012"}, {"name": "16220", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/16220"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-0207", "datePublished": "2006-01-13T23:00:00", "dateReserved": "2006-01-13T00:00:00", "dateUpdated": "2024-08-07T16:25:33.999Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function."}], "id": "CVE-2006-0207", "lastModified": "2024-11-21T00:05:55.420", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-01-13T23:03:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/18431"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/18697"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/19012"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19179"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19355"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25945"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://securitytracker.com/id?1015484"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2007/dsa-1331"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-22.xml"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.hardened-php.net/advisory_012006.112.html"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:028"}, {"source": "cve@mitre.org", "url": "http://www.php.net/release_5_1_2.php"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/16220"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/0177"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/0369"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24094"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/261-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/18431"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/18697"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/19012"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19179"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19355"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25945"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://securitytracker.com/id?1015484"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1331"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-22.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.hardened-php.net/advisory_012006.112.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:028"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.php.net/release_5_1_2.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/16220"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/0177"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/0369"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24094"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/261-1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}