E-mail Header Injection Vulnerabilities
| Autor: | Ziming Zhao, Adam Doupé, Sai Prashanth Chandramouli, Gail-Joon Ahn |
|---|---|
| Rok vydání: | 2017 |
| Předmět: |
General Computer Science
Computer science 020204 information systems 0202 electrical engineering electronic engineering information engineering 020207 software engineering 02 engineering and technology Computer security computer.software_genre GeneralLiterature_REFERENCE(e.g. dictionaries encyclopedias glossaries) computer |
| Zdroj: | it - Information Technology. 59:67-72 |
| ISSN: | 2196-7032 1611-2776 |
| Popis: | E-mail Header Injection vulnerability is a class of vulnerability that can occur in web applications that use user input to construct e-mail messages. E-mail Header Injection is possible when the mailing script fails to check for the presence of e-mail headers in user input (either form fields or URL parameters). The vulnerability exists in the reference implementation of the built-in mail functionality in popular languages such as PHP, Java, Python, and Ruby. With the proper injection string, this vulnerability can be exploited to inject additional headers, modify existing headers, and alter the content of the e-mail. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|