Bug
Improper neutralization of CRLF (Carriage Return Line Feed) sequences in HTTP Headers (HTTP response splitting) allow for ArcIMS to set an arbitrary cookie.
| Bug ID Number | BUG-000081091 |
|---|---|
| Submitted | September 4, 2014 |
| Last Modified | April 27, 2022 |
| Severity | High |
| Applies to | ArcIMS |
| Version found | 10.0 |
| Operating System | Windows OS |
| Operating System Version | 7 |
| Status | Will Not Be Addressed |
Additional Information
ArcIMS is at end of life.Steps to Reproduce
Bug ID: BUG-000081091
Software:
- ArcIMS
Get help from ArcGIS experts
Download the Esri Support App
Discover more on this topic
Search for related information
Find training related to this topic
Explore ideas and give feedback