Back to search
CVE-2005-3348
Published: Nov 18, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
17616
third-party-advisory
x_refsource_SECUNIA
MDKSA-2005:212
vendor-advisory
x_refsource_MANDRIVA
15396
vdb-entry
x_refsource_BID
GLSA-200511-18
vendor-advisory
x_refsource_GENTOO
15414
vdb-entry
x_refsource_BID
17698
third-party-advisory
x_refsource_SECUNIA
DSA-898
vendor-advisory
x_refsource_DEBIAN
17441
third-party-advisory
x_refsource_SECUNIA
20051115 Advisory 22/2005: Multiple vulnerabilities in phpSysInfo
mailing-list
x_refsource_BUGTRAQ
DSA-897
vendor-advisory
x_refsource_DEBIAN
17620
third-party-advisory
x_refsource_SECUNIA
17584
third-party-advisory
x_refsource_SECUNIA
http://www.hardened-php.net/advisory_212005.81.html
x_refsource_MISC
17570
third-party-advisory
x_refsource_SECUNIA
DSA-899
vendor-advisory
x_refsource_DEBIAN
17643
third-party-advisory
x_refsource_SECUNIA
phpsysinfo-registerglobal-data-manipulation(23107)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now