Lucene search

[email protected]CVE-2001-1188

HistoryMar 15, 2002 - 5:00 a.m.

CVE-2001-1188

2002-03-1505:00:00

[email protected]

web.nvd.nist.gov

cve-2001-1188

brian dorricott mailto

spam email

hidden form fields

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

84.9%

JSON

mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote attackers to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields.

Affected configurations

NVD

Node

brian_dorricottmailtoMatch1.0.7

brian_dorricottmailtoMatch1.0.8

brian_dorricottmailtoMatch1.0.9

CPENameOperatorVersion
brian_dorricott:mailtobrian dorricott mailtoeq1.0.7
brian_dorricott:mailtobrian dorricott mailtoeq1.0.8
brian_dorricott:mailtobrian dorricott mailtoeq1.0.9

CPE	Name	Operator	Version
brian_dorricott:mailto	brian dorricott mailto	eq	1.0.7
brian_dorricott:mailto	brian dorricott mailto	eq	1.0.8
brian_dorricott:mailto	brian dorricott mailto	eq	1.0.9

References

www.securityfocus.com/archive/1/244909

www.securityfocus.com/bid/3669

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

84.9%

JSON

Related for CVE-2001-1188

nvd1 cvelist1