Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2431


Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2431
Last Modified 05 Sep 2008 04:51:44
Published 03 Aug 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The (1) lost password and (2) account pending features in GForge 4.5 do not properly set a limit on the number of e-mails sent to an e-mail address, which allows remote attackers to send a large number of messages to arbitrary e-mail addresses (aka mail bomb).

Vulnerable Systems


  • Gforge 4.5


BUGTRAQ - 20050727 Cross Site Scripting vulnerabilities in GForge

Last Updated: 27 May 2016 10:40:31