Lucene search

K

[email protected]NVD:CVE-2005-3348

HistoryNov 18, 2005 - 2:02 a.m.

CVE-2005-3348

2005-11-1802:02:00

CWE-352

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.4%

HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter.

Affected configurations

NVD

Node

phpsysinfophpsysinfoMatch2.0

OR

phpsysinfophpsysinfoMatch2.1

OR

phpsysinfophpsysinfoMatch2.3

OR

phpsysinfophpsysinfoMatch2.4

References

secunia.com/advisories/17441

secunia.com/advisories/17570

secunia.com/advisories/17584

secunia.com/advisories/17616

secunia.com/advisories/17620

secunia.com/advisories/17643

secunia.com/advisories/17698

www.debian.org/security/2005/dsa-897

www.debian.org/security/2005/dsa-898

www.debian.org/security/2005/dsa-899

www.gentoo.org/security/en/glsa/glsa-200511-18.xml

www.hardened-php.net/advisory_212005.81.html

www.mandriva.com/security/advisories?name=MDKSA-2005:212

www.securityfocus.com/archive/1/416543

www.securityfocus.com/bid/15396

www.securityfocus.com/bid/15414

exchange.xforce.ibmcloud.com/vulnerabilities/23107

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.4%

Related for NVD:CVE-2005-3348

cve1 debiancve1 ubuntucve1 cvelist1 openvas10 gentoo1 nessus5 debian6 osv3 packetstorm1 securityvulns1