CVE-2005-3982

EPSS 16.48%
Veröffentlicht 04.12.2005 11:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Webcalendar ≫ Webcalendar Version1.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	16.48%	0.943

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

http://secunia.com/advisories/19240

Patch

Vendor Advisory

http://www.debian.org/security/2006/dsa-1002

Patch

Vendor Advisory

http://www.securityfocus.com/archive/1/418286/100/0/threaded

http://secunia.com/advisories/17848

Patch

Vendor Advisory

http://vd.lwang.org/webcalendar_multiple_vulns.txt

http://www.osvdb.org/21383

http://www.securityfocus.com/bid/15673

http://www.vupen.com/english/advisories/2005/2702

https://nvd.nist.gov/vuln/detail/CVE-2005-3982

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-3982

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-3982

EUVD