Summary
This host is installed with TYPO3 and is prone to mail header injection vulnerability.
Impact
Successful exploitation will allow remote attackers to inject arbitrary email headers.
Impact Level: Application
Solution
Upgrade to TYPO3 version 4.0.5 or later,
For updates refer to, http://typo3.org/
Insight
An error exists in class.t3lib_formmail.php script which fails to properly validate certain email headers.
Affected
TYPO3 version before 4.0.5
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2007-1081 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
- Ajax File and Image Manager 'data.php' PHP Code Injection Vulnerability
- AdaptBB Multiple Input Validation Vulnerabilities
- Atutor AChecker Multiple SQL Injection and XSS Vulnerabilities
- Apple Safari RSS Feed Information Disclosure Vulnerability