cvelist/2004/1xxx/CVE-2004-1620.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2004-1620",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "20041021 HTTP Response Splitting in Serendipity 0.7-beta4",
            "refsource" : "BUGTRAQ",
            "url" : "http://marc.info/?l=bugtraq&m=109841283115808&w=2"
         },
         {
            "name" : "http://www.s9y.org/5.html",
            "refsource" : "CONFIRM",
            "url" : "http://www.s9y.org/5.html"
         },
         {
            "name" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/comment.php?rev=1.49&view=markup",
            "refsource" : "CONFIRM",
            "url" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/comment.php?rev=1.49&view=markup"
         },
         {
            "name" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/exit.php?rev=1.10&view=markup",
            "refsource" : "CONFIRM",
            "url" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/exit.php?rev=1.10&view=markup"
         },
         {
            "name" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/index.php?rev=1.52&view=markup",
            "refsource" : "CONFIRM",
            "url" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/index.php?rev=1.52&view=markup"
         },
         {
            "name" : "http://sourceforge.net/project/shownotes.php?release_id=276694",
            "refsource" : "CONFIRM",
            "url" : "http://sourceforge.net/project/shownotes.php?release_id=276694"
         },
         {
            "name" : "11497",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/11497"
         },
         {
            "name" : "11013",
            "refsource" : "OSVDB",
            "url" : "http://www.osvdb.org/11013"
         },
         {
            "name" : "11038",
            "refsource" : "OSVDB",
            "url" : "http://www.osvdb.org/11038"
         },
         {
            "name" : "11039",
            "refsource" : "OSVDB",
            "url" : "http://www.osvdb.org/11039"
         },
         {
            "name" : "1011864",
            "refsource" : "SECTRACK",
            "url" : "http://securitytracker.com/id?1011864"
         },
         {
            "name" : "12909",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/12909/"
         },
         {
            "name" : "serendipity-response-splitting(17798)",
            "refsource" : "XF",
            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17798"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2004-1620",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "20041021 HTTP Response Splitting in Serendipity 0.7-beta4",`
			`"refsource" : "BUGTRAQ",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://marc.info/?l=bugtraq&m=109841283115808&w=2"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.s9y.org/5.html",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.s9y.org/5.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/comment.php?rev=1.49&view=markup",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/comment.php?rev=1.49&view=markup"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/exit.php?rev=1.10&view=markup",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/exit.php?rev=1.10&view=markup"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/index.php?rev=1.52&view=markup",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/index.php?rev=1.52&view=markup"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://sourceforge.net/project/shownotes.php?release_id=276694",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://sourceforge.net/project/shownotes.php?release_id=276694"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "11497",`
			`"refsource" : "BID",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/bid/11497"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "11013",`
			`"refsource" : "OSVDB",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.osvdb.org/11013"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "11038",`
			`"refsource" : "OSVDB",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.osvdb.org/11038"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "11039",`
			`"refsource" : "OSVDB",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.osvdb.org/11039"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "1011864",`
			`"refsource" : "SECTRACK",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://securitytracker.com/id?1011864"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "12909",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/12909/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "serendipity-response-splitting(17798)",`
			`"refsource" : "XF",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17798"`
			`}`
			`]`
			`}`
			`}`