Lucene search
HistoryDec 04, 2005 - 11:03 a.m.
CVE-2005-3982
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.048
Percentile
92.8%
CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests.
Affected configurations
Node
webcalendarwebcalendarMatch1.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| webcalendar | webcalendar | 1.0.1 | cpe:2.3:a:webcalendar:webcalendar:1.0.1:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2005-3982
2005-12-04 11:00:00
cve
cve
CVE-2005-3982
2005-12-04 11:03:00
exploitdb
exploitdb
WebCalendar 1.0.1 - 'Layers_Toggle.php' HTTP Response Splitting
2005-12-01 00:00:00
ubuntucve
ubuntucve
CVE-2005-3982
2005-12-04 00:00:00
debian
debian
[SECURITY] [DSA 1002-1] New webcalendar packages fix several vulnerabilities
2006-03-15 08:42:49
[SECURITY] [DSA 1002-1] New webcalendar packages fix several vulnerabilities
2006-03-15 08:42:49
openvas
openvas
Debian Security Advisory DSA 1002-1 (webcalendar)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1002-1)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-1002-1 : webcalendar - several vulnerabilities
2006-10-14 00:00:00
WebCalendar < 1.0.2 Multiple Vulnerabilities
2005-12-02 00:00:00
osv
osv
webcalendar - several
2006-03-15 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.048
Percentile
92.8%
Related for NVD:CVE-2005-3982