Vulnerability Description
CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sips | Sips | All versions |
References
- http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?r1=1.13&r2=1
- http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?view=log
- http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?r1=1.13&r2=1
- http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?view=log
FAQ
What is CVE-2002-2218?
CVE-2002-2218 is a vulnerability with a CVSS score of 10.0 (HIGH). CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining...
How severe is CVE-2002-2218?
CVE-2002-2218 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2218?
Check the references section above for vendor advisories and patch information. Affected products include: Sips Sips.