Description

The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, 4.1beta, and 4.1RC1 allows attackers to inject arbitrary email headers via unknown vectors. NOTE: some details were obtained from third party information.

Remediation

References

CVE-2007-1081

Related Vulnerabilities

PHP POST file upload buffer overflow vulnerabilities

Apache HTTP Server Other Vulnerability (CVE-2000-0913)

WordPress Plugin TAKETIN To WP Membership PHP Object Injection (1.2.7)

WordPress Plugin Easy Property Listings Cross-Site Scripting (3.3.5.8)

Django Resource Management Errors Vulnerability (CVE-2015-5963)

Severity

High

Classification

CVE-2007-1081

Tags

Missing Update Known Vulnerabilities