CVE-2007-5614

N/A Unknown

Published: December 05, 2007 Modified: April 23, 2026

Description

Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/42496

Source: cret@cert.org

http://secunia.com/advisories/27925

Source: cret@cert.org

http://secunia.com/advisories/30941

Source: cret@cert.org

http://secunia.com/advisories/35143

Source: cret@cert.org

http://svn.codehaus.org/jetty/jetty/trunk/VERSION.txt

Source: cret@cert.org

http://www.kb.cert.org/vuls/id/438616

Source: cret@cert.org

Patch US Government Resource

http://www.securityfocus.com/bid/26695

Source: cret@cert.org

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.html

Source: cret@cert.org

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.html

Source: cret@cert.org

http://osvdb.org/42496