CVE-2009-1777

CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the redirect parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
matt_wrightformmail
1.92
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/35068
http://www.securityfocus.com/archive/1/503446/100/0/threaded
http://www.securityfocus.com/bid/34929
http://www.ush.it/team/ush/hack-formmail_192/adv.txt
http://secunia.com/advisories/35068
http://www.securityfocus.com/archive/1/503446/100/0/threaded
http://www.securityfocus.com/bid/34929
http://www.ush.it/team/ush/hack-formmail_192/adv.txt