Category talk:Web security exploits

Latest comment: 17 years ago by TDM

Terminology

The term "exploit" has a very specific meaning in computer security. It is a crafted application input which causes a system to fail in an undesirable manner (for the programmer; desirable for the attacker). Vulnerabilities, such as HTTP Response Splitting (or others listed in this category), are software bugs which ALLOW an exploit to work. Vulnerabilities and exploits are not the same thing. Many people get these mixed up, and it is very confusing for security newbies. Things which do belong under the "exploits" umbrella are things developed by people like the Metasploit project, or portions of virus code which trigger overflows, etc. TDM 19:35, 26 October 2006 (UTC)