CVE-2005-3348
phpSysInfo 2.4 - HTTP Response Splitting via Charset Parameter
Title source: llmDescription
HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter.
References (17)
Core 17
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17616
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2005:212
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15396
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200511-18.xml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15414
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17698
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2005/dsa-898
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17441
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/416543
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2005/dsa-897
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17620
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17584
Various Sources x_refsource_misc
http://www.hardened-php.net/advisory_212005.81.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17570
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2005/dsa-899
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17643
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/23107
Scores
EPSS
0.0198
EPSS Percentile
78.1%
Details
CWE
CWE-352
Status
published
Products (4)
phpsysinfo/phpsysinfo
2.0
phpsysinfo/phpsysinfo
2.1
phpsysinfo/phpsysinfo
2.3
phpsysinfo/phpsysinfo
2.4
Published
Nov 18, 2005
Tracked Since
Feb 18, 2026