CVE-2005-3982

NameCVE-2005-3982
DescriptionCRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1002-1
NVD severitymedium (attack range: remote)
Debian Bugs342090

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
webcalendarsource(unstable)1.0.2-1medium342090
webcalendarsourcesarge0.9.45-4sarge3mediumDSA-1002-1

Search for package or bug name: Reporting problems