VDB
CVE-2016-8024
CVE-2016-8024
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing.
EPSS 9.22% · 92.9th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
9.22%
92.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mcafee | virusscan_enterprise | 0 |
| Intel | VirusScan Enterprise Linux (VSEL) | * |
Timeline
- Dec 13, 2016 PoC Published
- Dec 13, 2016 PoC Published
- Mar 14, 2017 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- https://kc.mcafee.com/corporate/index?page=content&id=SB10181&actp=null&viewlocale=en_US&showDraft=false&platinum_status=false&locale=en_US advisory
- 94823 vdb
- 1037433 vdb
- https://kc.mcafee.com/corporate/index?page=content&id=SB10181 url
- 40911 exploit
- https://nvd.nist.gov/vuln/detail/CVE-2016-8024 advisory
- https://www.exploit-db.com/exploits/40911 url