Vulnerability Details : CVE-2005-2060
Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the Cat parameter.
Exploit prediction scoring system (EPSS) score for CVE-2005-2060
Probability of exploitation activity in the next 30 days: 0.68%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 78 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2005-2060
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2005-2060
-
http://marc.info/?l=bugtraq&m=111963737202040&w=2
'Infopop UBB Threads Multiple Vulnerabilities' - MARC
-
http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351
PHP forum software since 1997 - UBB.threadsPatch
-
http://www.gulftech.org/?node=research&article_id=00084-06232005
SOC 2 Compliance TipsPatch;Vendor Advisory
Products affected by CVE-2005-2060
- cpe:2.3:a:ubbcentral:ubb.threads:6.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ubbcentral:ubb.threads:6.5.1.1:*:*:*:*:*:*:*