Lucene search

[email protected]CVE-2006-2943

HistoryJun 12, 2006 - 8:06 p.m.

CVE-2006-2943

2006-06-1220:06:00

[email protected]

web.nvd.nist.gov

cve-2006-2943

cgi-rescue

webform

vulnerability

remote attackers

email headers

spam

nvd

6.7 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.9%

JSON

Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information.

Affected configurations

NVD

Node

cgi-rescuewebformRange≤4.1

CPENameOperatorVersion
cgi-rescue:webformcgi-rescue webformle4.1

CPE	Name	Operator	Version
cgi-rescue:webform	cgi-rescue webform	le	4.1

References

jvn.jp/jp/JVN%2339570254/index.html

secunia.com/advisories/20515

www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060216124645

www.securityfocus.com/bid/18434

www.vupen.com/english/advisories/2006/2234

exchange.xforce.ibmcloud.com/vulnerabilities/27130

6.7 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.9%

JSON

Related for CVE-2006-2943

cvelist1 prion1 nvd1