Lucene search
HistoryMay 08, 2009 - 6:30 p.m.
CVE-2009-1591
crlf injection
cgi rescue
web mailer
vulnerability
xss
http response splitting
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.3 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.8%
CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting (XSS) or HTTP response splitting attacks, via CRLF sequences in an unspecified web form.
Affected configurations
Node
cgi_rescuecgi_web_mailerRange≤1.03
| CPE | Name | Operator | Version |
|---|---|---|---|
| cgi_rescue:cgi_web_mailer | cgi rescue cgi web mailer | le | 1.03 |
Related
prion
prion
Crlf injection
2009-05-08 18:30:00
jvn
jvn
JVN#28020230 Web Mailer from CGI RESCUE vulnerable to HTTP header injection
2009-04-27 00:00:00
cvelist
cvelist
CVE-2009-1591
2009-05-08 18:00:00
nvd
nvd
CVE-2009-1591
2009-05-08 18:30:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.3 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.8%
Related for CVE-2009-1591