Lucene search

[email protected]CVE-2006-2944

HistoryJun 12, 2006 - 8:06 p.m.

CVE-2006-2944

2006-06-1220:06:00

[email protected]

web.nvd.nist.gov

vulnerability

cgi-rescue

form2mail

remote

email injection

spam

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.3%

JSON

Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information.

Affected configurations

NVD

Node

cgi-rescueform2mailRange≤1.21

CPENameOperatorVersion
cgi-rescue:form2mailcgi-rescue form2maille1.21

CPE	Name	Operator	Version
cgi-rescue:form2mail	cgi-rescue form2mail	le	1.21

References

jvn.jp/jp/JVN%2339570254/index.html

secunia.com/advisories/20515

www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060216124645

www.securityfocus.com/bid/18434

www.vupen.com/english/advisories/2006/2234

exchange.xforce.ibmcloud.com/vulnerabilities/27130

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.3%

JSON

Related for CVE-2006-2944

nvd1 cvelist1 prion1