Vulnerability Description
Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the Cat parameter.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubbcentral | Ubb.Threads | 6.0 |
References
- http://marc.info/?l=bugtraq&m=111963737202040&w=2
- http://www.gulftech.org/?node=research&article_id=00084-06232005PatchVendor Advisory
- http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#PosPatch
- http://marc.info/?l=bugtraq&m=111963737202040&w=2
- http://www.gulftech.org/?node=research&article_id=00084-06232005PatchVendor Advisory
- http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#PosPatch
FAQ
What is CVE-2005-2060?
CVE-2005-2060 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to spoof web content...
How severe is CVE-2005-2060?
CVE-2005-2060 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2060?
Check the references section above for vendor advisories and patch information. Affected products include: Ubbcentral Ubb.Threads.