Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2854

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2854
Last Modified 05 Sep 2008 04:52:50
Published 08 Sep 2005 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2854

Summary

CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote attackers to use the script as a mail relay (spam proxy) via CRLF sequences in the (1) name or (2) email fields, which are injected into mail headers.

Vulnerable Systems

Application

  • Thesitewizard.com Chfeedback.pl Feedback Form Perl Script 2.0.1


References

BID - 14749

FULLDISC - 20050905 thesitewizard.com chfeedback.pl CRLF Injection


Last Updated: 27 May 2016 10:40:40