CVE-2005-3982

Опубликовано: 04 дек. 2005

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests.

Ссылки

http://secunia.com/advisories/17848
Patch
Vendor Advisory
http://secunia.com/advisories/19240
Patch
Vendor Advisory
http://vd.lwang.org/webcalendar_multiple_vulns.txt
http://www.debian.org/security/2006/dsa-1002
Patch
Vendor Advisory
http://www.osvdb.org/21383
http://www.securityfocus.com/archive/1/418286/100/0/threaded
http://www.securityfocus.com/bid/15673
http://www.vupen.com/english/advisories/2005/2702
http://secunia.com/advisories/17848
Patch
Vendor Advisory
http://secunia.com/advisories/19240
Patch
Vendor Advisory
http://vd.lwang.org/webcalendar_multiple_vulns.txt
http://www.debian.org/security/2006/dsa-1002
Patch
Vendor Advisory
http://www.osvdb.org/21383
http://www.securityfocus.com/archive/1/418286/100/0/threaded
http://www.securityfocus.com/bid/15673
http://www.vupen.com/english/advisories/2005/2702

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webcalendar:webcalendar:1.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.16479

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2005-3982

ubuntu

почти 20 лет назад

CVE-2005-3982

debian

почти 20 лет назад

CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 ...

GHSA-p95x-f93r-h96r

github

больше 3 лет назад

EPSS

Процентиль: 95%

0.16479

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other