CVE-2006-4344 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-4344

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) before 8.3 allows remote attackers to spoof e-mails and inject e-mail headers via unspecified vectors in (1) mail.cgi and (2) query.cgi.

Affected Software

Name	Vendor	Start Version	End Version
Mail_f_w_system	Cgi-rescue	8.3 (including)	8.3 (including)

References

http://jvn.jp/jp/JVN%2311048526/index.html
http://secunia.com/advisories/21543
http://www.osvdb.org/28131
http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060822210549
http://www.securityfocus.com/bid/19676
http://www.vupen.com/english/advisories/2006/3359