CVE-2007-2291

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer version 7.0.5730.11

Description A CRLF injection issue exists in the Digest Authentication support, allowing remote attackers to conduct HTTP response splitting attacks by including a LF (%0a) in the username attribute.

Recommendations For Microsoft Internet Explorer version 7.0.5730.11, consider avoiding the use of Digest Authentication until a fix is available, or restrict access to sensitive resources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.