[ICE-2185] fortify scan ServletRequestResponse HTTP Response Splitting - ICEsoft JIRA Issue Tracker

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.7DR#1
Fix Version/s: 1.6.2, 1.7DR#2, 1.7
Component/s: Framework
Labels:
None
Environment:
ICEfaces

Description

HTTP response corruption can occur if CR or LF are allowed within HTTP headers.

Activity

Hide

Permalink

Ted Goddard added a comment - 24/Oct/07 5:52 PM

svn merge -r 14636:14891 ../../../trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/ServletRequestResponse.java core/src/com/icesoft/faces/webapp/http/servlet/ServletRequestResponse.java

Show

Ted Goddard added a comment - 24/Oct/07 5:52 PM svn merge -r 14636:14891 ../../../trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/ServletRequestResponse.java core/src/com/icesoft/faces/webapp/http/servlet/ServletRequestResponse.java

People

Assignee:

Unassigned

Reporter:

Ted Goddard

Votes:

0 Vote for this issue

Watchers:

0 Start watching this issue

Dates

Created:

04/Oct/07 5:44 PM

Updated:

16/Nov/09 11:03 AM

Resolved:

16/Nov/09 11:03 AM