CVE-2004-1513

high

Description

04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/18034

http://www.soft3304.net/04WebServer/Security.html

http://www.security.org.sg/vuln/04webserver142.html

http://secunia.com/advisories/13159/

http://marc.info/?l=bugtraq&m=110054395311823&w=2

http://marc.info/?l=bugtraq&m=110012542615484&w=2

Details

Source: Mitre, NVD

Published: 2004-12-31

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity: High

EPSS

EPSS: 0.00675

Detections

Analytics