Information on source package cgiemail

Available versions

ReleaseVersion
wheezy1.6-37
jessie1.6-37

Open issues

BugwheezyjessieDescription
CVE-2017-5616vulnerablevulnerable (no DSA)Reflected XSS vulnerability
CVE-2017-5615vulnerablevulnerable (no DSA)SEC-215 HTTP header injection
CVE-2017-5614vulnerablevulnerable (no DSA)SEC-214 Open redirect
CVE-2017-5613vulnerablevulnerable (no DSA)SEC-212 Format string injection

Resolved issues

BugDescription
CVE-2002-1652Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers ...
CVE-2002-1575cgiemail allows remote attackers to use cgiemail as a spam proxy via ...

Security announcements

DSA / DLADescription
DSA-437cgiemail - open mail relay

Search for package or bug name: Reporting problems