Lucene search
+L

84 matches found

Debian
Debian
added 2012/02/29 8:22 p.m.71 views

[SECURITY] [DSA 2421-1] moodle security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2421-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 29, 2012 http://www.debian.org/security/faq -...

6.8CVSS6.6AI score0.02149EPSS
Exploits0
OpenVAS
OpenVAS
added 2012/02/11 12:0 a.m.21 views

Debian: Security Advisory (DSA-2377-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.4AI score0.02142EPSS
Exploits0References3
NVD
NVD
added 2011/08/09 7:55 p.m.23 views

CVE-2011-2381

CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notificatio...

4.3CVSS6.8AI score0.01518EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2011/08/09 7:55 p.m.29 views

CVE-2011-2381

CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notificatio...

4.3CVSS5.9AI score0.01518EPSS
Exploits0References1
Prion
Prion
added 2011/08/09 7:55 p.m.18 views

Crlf injection

CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notificatio...

4.3CVSS7.2AI score0.01518EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2011/08/09 7:0 p.m.35 views

CVE-2011-2381

CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notificatio...

6.6AI score0.01518EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2011/06/10 12:0 a.m.19 views

Debian DSA-2252-1 : dovecot - programming error

It was discovered that the message header parser in the Dovecot mail server parsed NUL characters incorrectly, which could lead to denial of service through malformed mail headers. The oldstable distribution lenny is not affected. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descripti...

5CVSS5.4AI score0.0325EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2010/04/29 12:0 a.m.15 views

openSUSE Security Update : dovecot12 (openSUSE-SU-2010:0175-1)

Huge mail headers could cause dovecot to consume excessive amounts of CPU CVE-2010-0745 dovecot was updated to version 1.2.11 which fixes the problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

5CVSS5.3AI score0.03078EPSS
Exploits0References3
NVD
NVD
added 2009/05/14 5:30 p.m.25 views

CVE-2009-1578

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 certain encrypted strings in e-mail headers, related to contrib/decryptheaders.php; 2 PHPSELF; and 3 the que...

4.3CVSS5.4AI score0.01977EPSS
Exploits1References32
CVE
CVE
added 2009/05/14 5:0 p.m.104 views

CVE-2009-1578

CVE-2009-1578 affects SquirrelMail < 1.4.18 and NaSMail

4.3CVSS6.6AI score0.01977EPSS
Exploits1References32Affected Software1
Prion
Prion
added 2007/08/31 12:17 a.m.16 views

Crlf injection

CRLF injection vulnerability in contact.php in Moonware aka Dale Mooney Gallery allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers...

4.3CVSS7.6AI score0.01072EPSS
Exploits0References4
NVD
NVD
added 2007/08/31 12:17 a.m.17 views

CVE-2007-4612

CRLF injection vulnerability in contact.php in Moonware aka Dale Mooney Gallery allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers...

4.3CVSS7AI score0.01072EPSS
Exploits0References4
CVE
CVE
added 2007/08/31 12:0 a.m.43 views

CVE-2007-4612

The CVE-2007-4612 entry concerns Moonware (Dale Mooney Gallery) software, specifically the contact.php script. The vulnerability is a CRLF injection that lets remote attackers inject arbitrary mail headers via CRLF sequences in the subject parameter. This header injection could be leveraged to ad...

4.3CVSS7.1AI score0.01072EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/08/31 12:0 a.m.20 views

CVE-2007-4612

CRLF injection vulnerability in contact.php in Moonware aka Dale Mooney Gallery allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers...

7AI score0.01072EPSS
Exploits0References4
Prion
Prion
added 2007/05/16 10:30 p.m.31 views

Crlf injection

CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might allow remote attackers to inject arbitrary e-mail headers via LF %0A sequences in the subject parameter, a related issue to CVE-2007-1898...

4CVSS7.2AI score0.02882EPSS
Exploits2References8Affected Software1
CVE
CVE
added 2007/05/16 10:0 p.m.53 views

CVE-2007-2731

Jetbox CMS 2.1 is affected by a CRLF injection in formmail.php, allowing remote attackers to inject arbitrary e-mail headers via LF sequences in the subject parameter. This is linked to CVE-2007-1898. The NetVigilance advisory notes that exploitation requires PHP register_globals to be On; a work...

4CVSS6.9AI score0.01571EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2007/03/28 12:19 a.m.24 views

CVE-2007-1718

CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the 1 Subject or 2 To parameter, as demonstrat...

7.8CVSS7.5AI score0.06689EPSS
Exploits1References26
securityvulns
securityvulns
added 2007/03/04 12:0 a.m.33 views

Symantec MailSecurity DoS

Crash on malcrafted mail headers parsing...

9.3CVSS1.9AI score0.06841EPSS
Exploits0Affected Software1
Typo3
Typo3
added 2007/02/21 12:0 a.m.22 views

Email header injection

A problem has been discovered where the internal form engine can be used for sending arbitrary mail headers, using it for purposes which it is not meant for. Component Type: TYPO3 Core Affected Versions: TYPO3 4.x below 4.0.5, 4.1beta, 4.1RC1, TYPO3 Versions 3.x Vulnerability Type: Email header...

7AI score
Exploits0Affected Software1
CVE
CVE
added 2006/08/24 8:0 p.m.56 views

CVE-2006-4344

The CVE-2006-4344 issue affects CGI-Rescue Mail F/W System (formd) prior to 8.3. The vulnerability is a CRLF injection in the mail.cgi and query.cgi components that enables remote attackers to spoof emails and inject email headers. The affected functionality is the mailing form/forwarding system,...

5CVSS7.2AI score0.01459EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder