CRLF injection vulnerability in the Fileinfo 2.0.9 plugin for Total Commander allows user-assisted remote attackers to spoof the information in the Image File Header tab via strings with CRLF sequences in the IMAGE_EXPORT_DIRECTORY array in a PE file, which could complicate forensics investigations.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2007-08-21 21:17
Updated : 2024-02-28 11:01
NVD link : CVE-2007-4464
Mitre link : CVE-2007-4464
CVE.ORG link : CVE-2007-4464
JSON object : View
Products Affected
fransois_gannier
- fileinfo_plugin
ghisler
- total_commander
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')