CVE-2007-2401

Apple Mac OS X WebCore (10.3.9, 10.4.9 and later) / iPhone <1.0.1 - CRLF Injection via XMLHttpRequest setRequestHeader

Title source: llm

Description

CRLF injection vulnerability in WebCore in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1, allows remote attackers to inject arbitrary HTTP headers via LF characters in an XMLHttpRequest request, which are not filtered when serializing headers via the setRequestHeader function. NOTE: this issue can be leveraged for cross-site scripting (XSS) attacks.
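The following is an added example, not code from the page or from WebCore: a stand-alone JavaScript model of the failure mode the description names. A serializer that writes header values verbatim lets a bare LF in a value terminate the current header line and begin a new one, so the attacker gains a header the page never set; the hardened setRequestHeader path rejects the value before it is serialized, using the RFC 7230 field-value rule (no CR, LF or NUL) and the token rule for header names. The header names, the value `en\nX-Injected: ...` and the host are constructed for the demonstration.

```javascript
// Added example: a stand-alone model of the CVE-2007-2401 failure mode, not WebCore code.
// serializeHeadersUnchecked() mimics a serializer that writes name/value pairs verbatim;
// a value containing a bare LF then ends the current header line and starts a new one.
// isValidHeaderName()/isValidHeaderValue() are the RFC 7230 checks a hardened
// setRequestHeader() must perform before a value ever reaches the serializer.

const CRLF = "\r\n";

// Vulnerable behaviour: header values are trusted and written verbatim.
function serializeHeadersUnchecked(headers) {
  return headers.map(([name, value]) => `${name}: ${value}`).join(CRLF) + CRLF + CRLF;
}

// Read the serialized block back the way a lenient HTTP server would:
// split on CRLF or bare LF, then split each line on the first ':'.
function parseHeaderBlock(block) {
  const out = [];
  for (const line of block.split(/\r?\n/)) {
    if (line === "") continue;
    const idx = line.indexOf(":");
    if (idx === -1) continue;
    out.push([line.slice(0, idx).trim(), line.slice(idx + 1).trim()]);
  }
  return out;
}

// RFC 7230 token: a header name may only contain tchar characters.
const TOKEN_RE = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
function isValidHeaderName(name) {
  return TOKEN_RE.test(name);
}

// A field value may not contain CR, LF or NUL; this is the check that was missing.
function isValidHeaderValue(value) {
  return !/[\r\n\0]/.test(value);
}

// Hardened setRequestHeader: refuse a bad name or value instead of serializing it.
function setRequestHeaderHardened(headers, name, value) {
  if (!isValidHeaderName(name) || !isValidHeaderValue(value)) {
    throw new SyntaxError(`Invalid header: ${JSON.stringify(name)}: ${JSON.stringify(value)}`);
  }
  headers.push([name, value]);
}

// Constructed attacker input: a plausible header whose value smuggles a second header.
const INJECTED_VALUE = "en\nX-Injected: attacker-controlled";

// Vulnerable path: the injected header comes out as a separate header on the wire.
function demoUnchecked() {
  const headers = [["Host", "example.test"], ["Accept-Language", INJECTED_VALUE]];
  return parseHeaderBlock(serializeHeadersUnchecked(headers));
}

// Hardened path: the same value is rejected before serialization.
function demoHardened() {
  const headers = [["Host", "example.test"]];
  try {
    setRequestHeaderHardened(headers, "Accept-Language", INJECTED_VALUE);
    return "accepted";
  } catch (e) {
    return e.name;
  }
}

console.log(demoUnchecked());
console.log(demoHardened());
```

Running the block shows three headers on the vulnerable path (Host, Accept-Language and the smuggled X-Injected) and a SyntaxError on the hardened path. Modern browsers apply exactly this kind of check in setRequestHeader, which is why the same call now throws rather than sending the request.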

Exploits (1)

exploitdb WRITEUP VERIFIED
by Richard Moore · text · remote · osx
https://www.exploit-db.com/exploits/30228

Scores

EPSS 0.0331
EPSS Percentile 87.1%

Classification

CWE
CWE-79
Status draft

Affected Products (4)

apple/mac_os_x
apple/mac_os_x
apple/mac_os_x_server
apple/mac_os_x_server

Timeline

Published Jun 25, 2007
Tracked Since Feb 18, 2026