Page 10 - Top Web Site Vulnerabilities

Home

News

Top Web Site Vulnerabilities - HTTP Response Splitting
( Page 10 of 11 )

This occurs when someone can inject his or her own data into the HTTP headers the server sends to a Web browser. It can be used to execute arbitrary HTML or JavaScript code in the victim's browser, for cache poisoning, for cross-user defacement or to hijack pages. This occurs in one in 12 Web sites.

Next: Directory Indexing >>

	Discuss Top Web Site Vulnerabilities

	>>> Be the FIRST to comment on this article!



	>>> More News Articles >>> More Slideshows


Back	Play	Next	Slideshow Archive

Slideshow Index:

Top Web Site Vulnerabilities Cross-Site Scripting Information Leakage Content Spoofing Predictable Resource Location SQL Injection Insufficient Authentication Insufficient Authorization Abuse of Functionality HTTP Response Splitting Directory Indexing

eWeek Midmarket Contact Us \| Advertise

	Storage Devices \| Networking Security \| Network Infrastructure \| Wireless Networking \| Database Management Systems \| PC Desktops \| Web Programming \| Enterprise Solutions Linux Operating Systems \| Mac Operating System \| Mobile Messaging \| Internet Telephony Microsoft Windows News \| Google Watch \| IBM Watch


	Ziff Davis Enterprise Home \| Contact Us \| Advertise \| Link to Us \| Reprints \| Magazine Subscriptions \| Newsletters Tech RSS Feeds \| White Papers \| ROI Calculators \| Tech Podcasts \| Tech Video \| VARs \| System Builder
	Baseline \| Careers \| Channel Insider \| CIO Insight \| DesktopLinux \| DeviceForge \| DevSource \| eSeminars \| eWEEK \| Enterprise Network Security \| LinuxDevices \| Linux Watch \| Microsoft Watch \| Mid-market \| Networking \| PDF Zone \| Publish \| Security IT Hub \| Strategic Partner \| Web Buyer's Guide \| Windows for Devices
	Developer Shed \| Dev Shed \| ASP Free \| Dev Articles \| Dev Hardware \| SEO Chat \| Tutorialized \| Scripts \| Code Walkers \| Web Hosters \| Dev Mechanic \| Dev Archives \| igrep Use of this site is governed by our Terms of Use and Privacy Policy
	Copyright ©1996-2008 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWeek Mid-market is a trademark of Ziff Davis Enterprise, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise, Inc. is prohibited.

eWeek Midmarket Contact Us \| Advertise

	Storage Devices \| Networking Security \| Network Infrastructure \| Wireless Networking \| Database Management Systems \| PC Desktops \| Web Programming \| Enterprise Solutions Linux Operating Systems \| Mac Operating System \| Mobile Messaging \| Internet Telephony Microsoft Windows News \| Google Watch \| IBM Watch


	Ziff Davis Enterprise Home \| Contact Us \| Advertise \| Link to Us \| Reprints \| Magazine Subscriptions \| Newsletters Tech RSS Feeds \| White Papers \| ROI Calculators \| Tech Podcasts \| Tech Video \| VARs \| System Builder
	Baseline \| Careers \| Channel Insider \| CIO Insight \| DesktopLinux \| DeviceForge \| DevSource \| eSeminars \| eWEEK \| Enterprise Network Security \| LinuxDevices \| Linux Watch \| Microsoft Watch \| Mid-market \| Networking \| PDF Zone \| Publish \| Security IT Hub \| Strategic Partner \| Web Buyer's Guide \| Windows for Devices
	Developer Shed \| Dev Shed \| ASP Free \| Dev Articles \| Dev Hardware \| SEO Chat \| Tutorialized \| Scripts \| Code Walkers \| Web Hosters \| Dev Mechanic \| Dev Archives \| igrep Use of this site is governed by our Terms of Use and Privacy Policy
	Copyright ©1996-2008 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWeek Mid-market is a trademark of Ziff Davis Enterprise, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise, Inc. is prohibited.