CVE-2016-5387


Severity : HIGH
Published : 2016-07-18
Modified : 2018-01-18
Base Score : 5.1
Details : The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "This mitigation has been assigned the identifier CVE-2016-5387"; in other words, this is not a CVE ID for a vulnerability.
Product/Version : CGE 5.x  
Mobilinux 5.x  
Pro 5.0  
Carrier Grade CGE 6.0  
Carrier Grade CGE 7.0  
CGX 2.0 unspecified  
 
 
 

CVE Vulnerabilities List CVE-2016

CVE-2016-0704 CVE-2016-0772 CVE-2016-0797 CVE-2016-0799
CVE-2016-0800 CVE-2016-1839 CVE-2016-2073 CVE-2016-2105
CVE-2016-2106 CVE-2016-2108 CVE-2016-2182 CVE-2016-2183
CVE-2016-3115 CVE-2016-3841 CVE-2016-3951 CVE-2016-4483
CVE-2016-5387 CVE-2016-6210 CVE-2016-6304 CVE-2016-6515
CVE-2016-9310 CVE-2016-9311