Home > Vulnerability Database > CVE-2005-3982

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2005-3982

Date: December 4, 2005

CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests.

Severity Score

5.3

Related Resources (11)

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2005-3982

Url: http://secunia.com/advisories/19240

Url: http://vd.lwang.org/webcalendar_multiple_vulns.txt

Url: http://www.osvdb.org/21383

Url: http://www.securityfocus.com/bid/15673

Url: http://secunia.com/advisories/17848

Url: http://www.debian.org/security/2006/dsa-1002

Url: http://www.vupen.com/english/advisories/2005/2702

Url: http://www.securityfocus.com/archive/1/418286/100/0/threaded

Url: https://nvd.nist.gov/vuln/detail/CVE-2005-3982

Url: https://www.mend.io/vulnerability-database/CVE-2005-3982

Severity Score

5.3

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Do you need more information?

Contact Us