PT-2007-6626 · Mort Bay · Mort Bay Jetty

Tomasz Kuczynski

·

Published

2007-12-05

·

Updated

2022-05-01

·

CVE-2007-5615

CVSS v2.0

5.0

Medium

VectorAV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions Mortbay Jetty versions prior to 6.1.6rc0
Description The issue allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks.
Recommendations For Mortbay Jetty versions prior to 6.1.6rc0, update to version 6.1.6rc0 or later to resolve the issue.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2007-5615
GHSA-966R-962G-2JQ5

Affected Products

Mort Bay Jetty