Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3982

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-3982
Last Modified 07 Mar 2011 09:27:30
Published 04 Dec 2005 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3982

Summary

CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests.

Vulnerable Systems

Application

  • Webcalendar 1.0.1


References

DEBIAN - DSA-1002

SECUNIA - 19240

SECUNIA - 17848

VUPEN - ADV-2005-2702

BID - 15673

BUGTRAQ - 20051201 WebCalendar Multiple Vulnerabilities.

OSVDB - 21383

MISC - http://vd.lwang.org/webcalendar_multiple_vulns.txt


Last Updated: 27 May 2016 10:41:08