CVE-2007-1081
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2007-1081
Status
Candidate
Description
The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, 4.1beta, and 4.1RC1 allows attackers to inject arbitrary email headers via unknown vectors. NOTE: some details were obtained from third party information.
Severity
High
CVSS score
7
CVSS vector
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Phase
Assigned (22.02.2007)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1081
References
BID :
22668
CONFIRM :
http://typo3.org/teams/security/security-bulletins...
FRSIRT :
ADV-2007-0697
SECUNIA :
24207
XF :
typo3-t3libformmail-field-email-injection(32630)
SecurityVulns:
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
