Description

The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, 4.1beta, and 4.1RC1 allows attackers to inject arbitrary email headers via unknown vectors. NOTE: some details were obtained from third party information.

Remediation

References

CVE-2007-1081

Related Vulnerabilities

WordPress Plugin Category Grid View Gallery Cross-Site Scripting (2.3.3)

WordPress Plugin CMS Tree Page View Security Bypass (1.3.4)

Ruby Resource Management Errors Vulnerability (CVE-2008-2664)

Oracle Database Server Improper Authentication Vulnerability (CVE-2012-3137)

WordPress Plugin amr shortcode any widget Cross-Site Scripting (4.0)

Severity

High

Classification

CVE-2007-1081

Tags

Missing Update Known Vulnerabilities