icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

LogMeIn 'cfgadvanced.html' HTTP Header Injection

Medium

Synopsis

The remote host is affected by a HTTP header injection vulnerability.

Description

The remote host is a LogMeIn server awaiting remote connections. The installed version of LogMeIn is 4.0.784 or earlier. Such versions are reportedly affected by a HTTP header injection vulnerability. An attacker could exploit this in order to launch various attacks including cross-site scripting, and cross-site request forgery.

Solution

Disable this service if it is not needed.