Lucene search
HistoryJul 10, 2006 - 8:05 p.m.
CVE-2006-3473
crlf injection
form_mail
drupal module
vulnerability
remote attackers
e-mail headers
nvd
6.8 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.019 Low
EPSS
Percentile
88.3%
CRLF injection vulnerability in form_mail Drupal Module before 1.8.2.2 allows remote attackers to inject e-mail headers, which facilitates sending spam messages, a different issue than CVE-2006-1225.
| CPE | Name | Operator | Version |
|---|---|---|---|
| drupal:form_mail_module | drupal form mail module | le | 1.8.2.1 |
Related
cve
cve
CVE-2006-1225
2006-03-14 19:06:00
prion
prion
Crlf injection
2006-03-14 19:06:00
ubuntucve
ubuntucve
CVE-2006-1225
2006-03-14 00:00:00
debian
debian
[SECURITY] [DSA 1007-1] New drupal packages fix several vulnerabilities
2006-03-17 09:42:35
[SECURITY] [DSA 1007-1] New drupal packages fix several vulnerabilities
2006-03-17 09:42:35
nessus
nessus
Debian DSA-1007-1 : drupal - several vulnerabilities
2006-10-14 00:00:00
openvas
openvas
Debian Security Advisory DSA 1007-1 (drupal)
2008-01-17 00:00:00
osv
osv
drupal - several
2006-03-17 00:00:00
6.8 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.019 Low
EPSS
Percentile
88.3%
Related for CVE-2006-3473