First published: Tue Mar 07 2006(Updated: )
SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a ";%20" followed by encoded HTTP headers.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sap Sap Web Application Server | =6.10 | |
Sap Sap Web Application Server | =6.20 | |
Sap Sap Web Application Server | =6.40 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.