CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-3906

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.098

EPSS Ranking 92.5%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2008-3906

Mono » Mono » Version: 1.0

cpe:2.3:a:mono:mono:1.0
Mono » Mono » Version: 1.0.5

cpe:2.3:a:mono:mono:1.0.5
Mono » Mono » Version: 1.1.13

cpe:2.3:a:mono:mono:1.1.13
Mono » Mono » Version: 1.1.13.4

cpe:2.3:a:mono:mono:1.1.13.4
Mono » Mono » Version: 1.1.13.6

cpe:2.3:a:mono:mono:1.1.13.6
Mono » Mono » Version: 1.1.13.7

cpe:2.3:a:mono:mono:1.1.13.7
Mono » Mono » Version: 1.1.17

cpe:2.3:a:mono:mono:1.1.17
Mono » Mono » Version: 1.1.17.1

cpe:2.3:a:mono:mono:1.1.17.1
Mono » Mono » Version: 1.1.18

cpe:2.3:a:mono:mono:1.1.18
Mono » Mono » Version: 1.1.4

cpe:2.3:a:mono:mono:1.1.4
Mono » Mono » Version: 1.1.8.3

cpe:2.3:a:mono:mono:1.1.8.3
Mono » Mono » Version: 1.2.5.1

cpe:2.3:a:mono:mono:1.2.5.1
Mono Project » Mono » Version: Any

cpe:2.3:a:mono_project:mono:*
Mono Project » Mono » Version: 1.2.1

cpe:2.3:a:mono_project:mono:1.2.1
Mono Project » Mono » Version: 1.2.2

cpe:2.3:a:mono_project:mono:1.2.2
Mono Project » Mono » Version: 1.2.3

cpe:2.3:a:mono_project:mono:1.2.3
Mono Project » Mono » Version: 1.2.4

cpe:2.3:a:mono_project:mono:1.2.4
Mono Project » Mono » Version: 1.2.5

cpe:2.3:a:mono_project:mono:1.2.5
Mono Project » Mono » Version: 1.2.6

cpe:2.3:a:mono_project:mono:1.2.6
Mono Project » Mono » Version: 1.9

cpe:2.3:a:mono_project:mono:1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-3906

Products

Pricing

Contact Us