Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2920

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-2920
Last Modified 25 Jul 2011 12:00:00
Published 08 Jun 2006 09:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-2920

Summary

Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.

Vulnerable Systems

Application

  • Sylpheed 2.0

  • Sylpheed 2.0.1

  • Sylpheed 2.0.2

  • Sylpheed 2.0.3

  • Sylpheed 2.1

  • Sylpheed 2.1.1

  • Sylpheed 2.1.2

  • Sylpheed 2.1.3

  • Sylpheed 2.1.4

  • Sylpheed 2.1.5

  • Sylpheed 2.2.5

  • Sylpheed-claws 0.9.4

  • Sylpheed-claws 0.9.5

  • Sylpheed-claws 0.9.6

  • Sylpheed-claws 1.0.2

  • Sylpheed-claws 2.2.1


References

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=422662&group_id=25528

SECUNIA - 20476

XF - sylpheed-claws-utils-textview-security-bypass(27089)

VUPEN - ADV-2006-2283

VUPEN - ADV-2006-2173

CONFIRM - http://sylpheed.good-day.net/en/news.html\

SECUNIA - 20577


Last Updated: 27 May 2016 10:42:48