CVE-2004-1687 Information

Description

CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter.

Reference

http://forum.snitz.com/forum/topic.asp?ARCHIVE=true&TOPIC_ID=54791 http://marc.info/?l=bugtraq&m=109537195413691&w=2 http://secunia.com/advisories/12590 http://www.securityfocus.com/bid/11201 https://exchange.xforce.ibmcloud.com/vulnerabilities/17421