Stefan Fritsch wrote:
I agree. It might be exploitable with buggy browser plugins using HTTP request splitting. See e.g.http://www.adobe.com/support/security/advisories/apsa06-01.html
Request splitting was previously addressed in httpd.
Stefan Fritsch wrote:
I agree. It might be exploitable with buggy browser plugins using HTTP request splitting. See e.g.http://www.adobe.com/support/security/advisories/apsa06-01.html
Request splitting was previously addressed in httpd.