High severityNVD Advisory· Published Dec 5, 2007· Updated Jun 16, 2026
CVE-2007-5614
CVE-2007-5614
Description
Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.mortbay.jetty:jettyMaven | < 6.1.6 | 6.1.6 |
Affected products
12cpe:2.3:a:mortbay_jetty:jetty:1.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:mortbay_jetty:jetty:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:5:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:6:*:*:*:*:*:*:*
- cpe:2.3:a:mortbay_jetty:jetty:6.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
12- www.kb.cert.org/vuls/id/438616nvdPatchUS Government ResourceWEB
- github.com/advisories/GHSA-fvh3-4v5r-cvvcghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2007-5614ghsaADVISORY
- www.eclipse.org/jetty/about.phpghsaWEB
- www.redhat.com/archives/fedora-package-announce/2008-July/msg00227.htmlnvdWEB
- www.redhat.com/archives/fedora-package-announce/2008-July/msg00250.htmlnvdWEB
- osvdb.org/42496nvd
- secunia.com/advisories/27925nvd
- secunia.com/advisories/30941nvd
- secunia.com/advisories/35143nvd
- svn.codehaus.org/jetty/jetty/trunk/VERSION.txtnvd
- www.securityfocus.com/bid/26695nvd
News mentions
0No linked articles in our index yet.