Description
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.
References (7)
Core 7
Core References
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2283
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20577
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27089
Patch x_refsource_confirm
http://sourceforge.net/project/shownotes.php?release_id=422662&group_id=25528
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2173
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20476
Various Sources x_refsource_confirm
http://sylpheed.good-day.net/en/news.html%5C
Scores
EPSS
0.0143
EPSS Percentile
70.0%
Details
CWE
CWE-20
Status
published
Products (16)
sylpheed/sylpheed
2.0
sylpheed/sylpheed
2.0.1
sylpheed/sylpheed
2.0.2
sylpheed/sylpheed
2.0.3
sylpheed/sylpheed
2.1
sylpheed/sylpheed
2.1.1
sylpheed/sylpheed
2.1.2
sylpheed/sylpheed
2.1.3
sylpheed/sylpheed
2.1.4
sylpheed/sylpheed
2.1.5
... and 6 more
Published
Jun 09, 2006
Tracked Since
Feb 18, 2026