RSS   Vulnerabilities for 'Cgiemail'   RSS

2002-12-31
 
CVE-2002-1652

 

 
Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long query parameter.

 
2004-03-03
 
CVE-2002-1575

 

 
cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message.

 

 >>> Vendor: MIT 7 Products
Kerberos
Pgp public key server
Cgiemail
Kerberos ftp client
Kerberos 5
Mit kerberos
Krb5-appl


Copyright 2019, cxsecurity.com

 

Back to Top