← Back

CVE-2007-5614

nvd nist
Published: Dec 5, 2007Modified: Apr 23, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.

Affected (11)

Products: Mortbay Jetty: Jetty
Mortbay Jetty
1 product
Jetty
Configuration A
11 vulnerable
Vulnerable SoftwareAffected Versions
Mortbay Jetty
Jetty
Version 1.0
Jetty
Version 2.4
Jetty
Version 3.0
Jetty
Version 3.1
Jetty
Version 4.0
Jetty
Version 4.1
Jetty
Version 4.2
Jetty
Version 5.1
Jetty
Version 5
Jetty
Version 6.1
Jetty
Version 6

References (18)

Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
PatchUS Government Resource
Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.