Vulnerability Description
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sylpheed | Sylpheed | <= 2.2.5 |
| Sylpheed-Claws | Sylpheed-Claws | <= 2.2.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/20476PatchVendor Advisory
- http://secunia.com/advisories/20577Vendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=422662&group_id=25528Patch
- http://sylpheed.good-day.net/en/news.html%5C
- http://www.vupen.com/english/advisories/2006/2173Vendor Advisory
- http://www.vupen.com/english/advisories/2006/2283Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27089
- http://secunia.com/advisories/20476PatchVendor Advisory
- http://secunia.com/advisories/20577Vendor Advisory
- http://sourceforge.net/project/shownotes.php?release_id=422662&group_id=25528Patch
- http://sylpheed.good-day.net/en/news.html%5C
- http://www.vupen.com/english/advisories/2006/2173Vendor Advisory
- http://www.vupen.com/english/advisories/2006/2283Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27089
FAQ
What is CVE-2006-2920?
CVE-2006-2920 is a vulnerability with a CVSS score of 2.6 (LOW). Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space ch...
How severe is CVE-2006-2920?
CVE-2006-2920 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-2920?
Check the references section above for vendor advisories and patch information. Affected products include: Sylpheed Sylpheed, Sylpheed-Claws Sylpheed-Claws.