Vulnerability Description
Matt Wright FormMail 1.9 and earlier allows remote attackers to send spam or anonymous e-mail by injecting a newline character followed by CC:, BCC:, or additional TO: fields in the email and realname CGI variables.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Matt Wright | Formmail | 1.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0307.html
- http://www.scriptarchive.com/readme/formmail.html#history
- http://www.securityfocus.com/bid/3955Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8013
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0307.html
- http://www.scriptarchive.com/readme/formmail.html#history
- http://www.securityfocus.com/bid/3955Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8013
FAQ
What is CVE-2002-1771?
CVE-2002-1771 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Matt Wright FormMail 1.9 and earlier allows remote attackers to send spam or anonymous e-mail by injecting a newline character followed by CC:, BCC:, or additional TO: fields in the email and realname...
How severe is CVE-2002-1771?
CVE-2002-1771 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1771?
Check the references section above for vendor advisories and patch information. Affected products include: Matt Wright Formmail.