Vulnerabilities > CVE-2002-2109 - Unspecified vulnerability in Matt Wright Formmail

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

matt-wright

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer.

Vulnerable Configurations

Part	Description	Count
Application	Matt_Wright Matt Wright Formmail 1.0 Matt Wright Formmail 1.1 Matt Wright Formmail 1.2 Matt Wright Formmail 1.3 Matt Wright Formmail 1.4 Matt Wright Formmail 1.5 Matt Wright Formmail 1.6 Matt Wright Formmail 1.7 Matt Wright Formmail 1.8 Matt Wright Formmail 1.9	10

Summary

Vulnerable Configurations

References