CVE-2011-4082

HIGH

phpldapadmin < 0.9.8 - Denial of Service via Accept-Language Header

Title source: llm

Description

A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP header. A remote attacker could use this flaw to cause a denial of service via specially-crafted request.

References (3)

Core 3

Core References

Broken Link x_refsource_misc

https://security-tracker.debian.org/tracker/CVE-2011-4082

Issue Tracking, Third Party Advisory x_refsource_misc

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4082

Third Party Advisory x_refsource_misc

https://access.redhat.com/security/cve/cve-2011-4082

Scores

CVSS v3 7.5

EPSS 0.0169

EPSS Percentile 74.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-400

Status published

Products (4)

debian/debian_linux 8.0

debian/debian_linux 9.0

debian/debian_linux 10.0

phpldapadmin_project/phpldapadmin < 0.9.8

Published Nov 26, 2019

Tracked Since Feb 18, 2026