Lucene search

[email protected]NVD:CVE-2004-1687

HistorySep 16, 2004 - 4:00 a.m.

CVE-2004-1687

2004-09-1604:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.014

Percentile

86.7%

JSON

CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter.

Affected configurations

Nvd

Node

snitz_communicationssnitz_forums_2000Match3.0

snitz_communicationssnitz_forums_2000Match3.1sr4

snitz_communicationssnitz_forums_2000Match3.3

snitz_communicationssnitz_forums_2000Match3.3.01

snitz_communicationssnitz_forums_2000Match3.3.02

snitz_communicationssnitz_forums_2000Match3.3.03

snitz_communicationssnitz_forums_2000Match3.4.02

snitz_communicationssnitz_forums_2000Match3.4.03

snitz_communicationssnitz_forums_2000Match3.4.04

VendorProductVersionCPE
snitz_communicationssnitz_forums_20003.0cpe:2.3:a:snitz_communications:snitz_forums_2000:3.0:*:*:*:*:*:*:*
snitz_communicationssnitz_forums_20003.1cpe:2.3:a:snitz_communications:snitz_forums_2000:3.1:sr4:*:*:*:*:*:*
snitz_communicationssnitz_forums_20003.3cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3:*:*:*:*:*:*:*
snitz_communicationssnitz_forums_20003.3.01cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.01:*:*:*:*:*:*:*
snitz_communicationssnitz_forums_20003.3.02cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.02:*:*:*:*:*:*:*
snitz_communicationssnitz_forums_20003.3.03cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.03:*:*:*:*:*:*:*
snitz_communicationssnitz_forums_20003.4.02cpe:2.3:a:snitz_communications:snitz_forums_2000:3.4.02:*:*:*:*:*:*:*
snitz_communicationssnitz_forums_20003.4.03cpe:2.3:a:snitz_communications:snitz_forums_2000:3.4.03:*:*:*:*:*:*:*
snitz_communicationssnitz_forums_20003.4.04cpe:2.3:a:snitz_communications:snitz_forums_2000:3.4.04:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
snitz_communications	snitz_forums_2000	3.0	cpe:2.3:a:snitz_communications:snitz_forums_2000:3.0:::::::*
snitz_communications	snitz_forums_2000	3.1	cpe:2.3:a:snitz_communications:snitz_forums_2000:3.1:sr4::::::
snitz_communications	snitz_forums_2000	3.3	cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3:::::::*
snitz_communications	snitz_forums_2000	3.3.01	cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.01:::::::*
snitz_communications	snitz_forums_2000	3.3.02	cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.02:::::::*
snitz_communications	snitz_forums_2000	3.3.03	cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.03:::::::*
snitz_communications	snitz_forums_2000	3.4.02	cpe:2.3:a:snitz_communications:snitz_forums_2000:3.4.02:::::::*
snitz_communications	snitz_forums_2000	3.4.03	cpe:2.3:a:snitz_communications:snitz_forums_2000:3.4.03:::::::*
snitz_communications	snitz_forums_2000	3.4.04	cpe:2.3:a:snitz_communications:snitz_forums_2000:3.4.04:::::::*

References

forum.snitz.com/forum/topic.asp?ARCHIVE=true&TOPIC_ID=54791

marc.info/?l=bugtraq&m=109537195413691&w=2

secunia.com/advisories/12590

www.securityfocus.com/bid/11201

exchange.xforce.ibmcloud.com/vulnerabilities/17421

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.014

Percentile

86.7%

JSON

Related for NVD:CVE-2004-1687

openvas1 cve1 exploitdb1 cvelist1