Lucene search

[email protected]NVD:CVE-2004-2054

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2054

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.005

Percentile

77.5%

JSON

CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via (1) the mode parameter to privmsg.php or (2) the redirect parameter to login.php.

Affected configurations

Nvd

Node

phpbb_groupphpbbMatch2.0.0

phpbb_groupphpbbMatch2.0.1

phpbb_groupphpbbMatch2.0.2

phpbb_groupphpbbMatch2.0.3

phpbb_groupphpbbMatch2.0.4

phpbb_groupphpbbMatch2.0.5

phpbb_groupphpbbMatch2.0.6

phpbb_groupphpbbMatch2.0.6c

phpbb_groupphpbbMatch2.0.6d

phpbb_groupphpbbMatch2.0.7

phpbb_groupphpbbMatch2.0.7a

phpbb_groupphpbbMatch2.0.8

phpbb_groupphpbbMatch2.0.8a

phpbb_groupphpbbMatch2.0.9

phpbb_groupphpbbMatch2.0_beta1

phpbb_groupphpbbMatch2.0_rc1

phpbb_groupphpbbMatch2.0_rc2

phpbb_groupphpbbMatch2.0_rc3

phpbb_groupphpbbMatch2.0_rc4

VendorProductVersionCPE
phpbb_groupphpbb2.0.0cpe:2.3:a:phpbb_group:phpbb:2.0.0:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.1cpe:2.3:a:phpbb_group:phpbb:2.0.1:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.2cpe:2.3:a:phpbb_group:phpbb:2.0.2:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.3cpe:2.3:a:phpbb_group:phpbb:2.0.3:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.4cpe:2.3:a:phpbb_group:phpbb:2.0.4:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.5cpe:2.3:a:phpbb_group:phpbb:2.0.5:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.6cpe:2.3:a:phpbb_group:phpbb:2.0.6:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.6ccpe:2.3:a:phpbb_group:phpbb:2.0.6c:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.6dcpe:2.3:a:phpbb_group:phpbb:2.0.6d:*:*:*:*:*:*:*
phpbb_groupphpbb2.0.7cpe:2.3:a:phpbb_group:phpbb:2.0.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpbb_group	phpbb	2.0.0	cpe:2.3:a:phpbb_group:phpbb:2.0.0:::::::*
phpbb_group	phpbb	2.0.1	cpe:2.3:a:phpbb_group:phpbb:2.0.1:::::::*
phpbb_group	phpbb	2.0.2	cpe:2.3:a:phpbb_group:phpbb:2.0.2:::::::*
phpbb_group	phpbb	2.0.3	cpe:2.3:a:phpbb_group:phpbb:2.0.3:::::::*
phpbb_group	phpbb	2.0.4	cpe:2.3:a:phpbb_group:phpbb:2.0.4:::::::*
phpbb_group	phpbb	2.0.5	cpe:2.3:a:phpbb_group:phpbb:2.0.5:::::::*
phpbb_group	phpbb	2.0.6	cpe:2.3:a:phpbb_group:phpbb:2.0.6:::::::*
phpbb_group	phpbb	2.0.6c	cpe:2.3:a:phpbb_group:phpbb:2.0.6c:::::::*
phpbb_group	phpbb	2.0.6d	cpe:2.3:a:phpbb_group:phpbb:2.0.6d:::::::*
phpbb_group	phpbb	2.0.7	cpe:2.3:a:phpbb_group:phpbb:2.0.7:::::::*

Rows per page:

1-10 of 191

References

marc.info/?l=bugtraq&m=109034476122723&w=2

secunia.com/advisories/12114

www.securityfocus.com/bid/10753

exchange.xforce.ibmcloud.com/vulnerabilities/16759

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.005

Percentile

77.5%

JSON

Related for NVD:CVE-2004-2054

cvelist1 cve1 openvas2 nessus1