Lucene search

[email protected]CVE-2007-1898

HistoryMay 16, 2007 - 10:30 p.m.

CVE-2007-1898

2007-05-1622:30:00

[email protected]

web.nvd.nist.gov

cve

2007

1898

formmail.php

jetbox cms

security

vulnerability

email spam

nvd

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.044 Low

EPSS

Percentile

92.4%

JSON

formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.

Affected configurations

NVD

Node

applemac_os_x

hphp-ux

hptru64

linuxlinux_kernel

microsoftwindows_2000

microsoftwindows_2003_server

microsoftwindows_95

microsoftwindows_98gold

microsoftwindows_98se

microsoftwindows_me

microsoftwindows_ntMatch4.0

microsoftwindows_xp

santa_cruz_operationsco_unix

sunsolaris

windriverbsdos

AND

jetboxjetbox_cmsMatch2.1

CPENameOperatorVersion
jetbox:jetbox_cmsjetbox jetbox cmseq2.1

CPE	Name	Operator	Version
jetbox:jetbox_cms	jetbox jetbox cms	eq	2.1

References

securityreason.com/securityalert/2710

www.netvigilance.com/advisory0026

www.osvdb.org/34088

www.securityfocus.com/archive/1/468644/100/0/threaded

www.securityfocus.com/bid/23989

www.securitytracker.com/id?1018063

www.vupen.com/english/advisories/2007/1831

exchange.xforce.ibmcloud.com/vulnerabilities/34292

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.044 Low

EPSS

Percentile

92.4%

JSON

Related for CVE-2007-1898

packetstorm1 prion2 cvelist2 securityvulns2 nvd2 cve1