CVE-2005-3621 | Vulnerability Database | Aqua Security

CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts.

Affected Software

Name	Vendor	Start Version	End Version
Phpmyadmin	Phpmyadmin	2.2.0 (including)	2.2.0 (including)
Phpmyadmin	Phpmyadmin	2.2.7_pl1 (including)	2.2.7_pl1 (including)
Phpmyadmin	Phpmyadmin	2.5.2_pl1 (including)	2.5.2_pl1 (including)
Phpmyadmin	Phpmyadmin	2.5.3 (including)	2.5.3 (including)
Phpmyadmin	Phpmyadmin	2.5.4 (including)	2.5.4 (including)
Phpmyadmin	Phpmyadmin	2.5.5_pl1 (including)	2.5.5_pl1 (including)
Phpmyadmin	Phpmyadmin	2.5.6_rc2 (including)	2.5.6_rc2 (including)
Phpmyadmin	Phpmyadmin	2.5.7_pl1 (including)	2.5.7_pl1 (including)
Phpmyadmin	Phpmyadmin	2.6.0_pl3 (including)	2.6.0_pl3 (including)
Phpmyadmin	Phpmyadmin	2.6.1_pl3 (including)	2.6.1_pl3 (including)
Phpmyadmin	Phpmyadmin	2.6.2_pl1 (including)	2.6.2_pl1 (including)
Phpmyadmin	Phpmyadmin	2.6.3_pl1 (including)	2.6.3_pl1 (including)
Phpmyadmin	Phpmyadmin	2.6.4_pl3 (including)	2.6.4_pl3 (including)

References

http://secunia.com/advisories/17578
http://secunia.com/advisories/22781
http://securitytracker.com/id?1015213
http://www.debian.org/security/2006/dsa-1207
http://www.novell.com/linux/security/advisories/2005_28_sr.html
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3621
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html