CVE-2002-2109
Published 2002-12-31
Priority: P428, high, 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 2.69% (84.0th percentile)
Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| matt_wright | formmail | — | — |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
CWE-625: Permissive Regular Expression
The product uses a regular expression that does not sufficiently restrict the set of allowed values.
This effectively causes the regexp to accept substrings that match the pattern, which produces a partial comparison to the target. In some cases, this can lead to other weaknesses. Common errors include: not identifying the beginning and end of the target string; using wildcards instead of acceptable character ranges; others.
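An added example, not taken from FormMail or from this page's sources: a referer allow-list written with an unanchored pattern, next to one that parses the URL and compares the whole hostname, run over constructed referers for the three cases in the CVE description. The hosts `example.com` and `other.invalid` and all function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed allow-list; example.com stands in for the site's own domain.
TRUSTED_HOSTS = {"example.com", "www.example.com"}

def permissive_check(referer: str) -> bool:
    """Illustrates the CWE-625 weakness class (not FormMail's actual code)."""
    if not referer:
        return True  # case (1): a blank referer is accepted
    # Unanchored search with '.' unescaped: the trusted name may appear
    # anywhere in the string, so this is only a partial comparison.
    return any(re.search(host, referer, re.I) for host in TRUSTED_HOSTS)

def strict_check(referer: str) -> bool:
    """Parse the URL first, then compare the complete hostname exactly."""
    if not referer:
        return False
    try:
        parts = urlsplit(referer)
        host = parts.hostname  # lower-cased, without userinfo or port
    except ValueError:
        return False
    if parts.scheme not in ("http", "https") or host is None:
        return False
    return host in TRUSTED_HOSTS

# Constructed sample referers: (label, value, should a correct check accept it?)
SAMPLES = [
    ("legitimate form page", "http://www.example.com/contact.html", True),
    ("(1) blank referer", "", False),
    ("(2) trusted URL after the beginning",
     "http://other.invalid/page?ref=http://example.com/", False),
    ("(3) trusted domain at start of hostname",
     "http://example.com.other.invalid/form.html", False),
]

def evaluate():
    """Return (label, permissive result, strict result, expected) per sample."""
    return [(label, permissive_check(ref), strict_check(ref), expected)
            for label, ref, expected in SAMPLES]

if __name__ == "__main__":
    for label, loose, strict, expected in evaluate():
        print(f"{label:42} permissive={loose!s:5} strict={strict!s:5} "
              f"expected={expected}")
```

The strict form fixes the matching flaw only; the Referer header is supplied by the client, so it remains a weak signal rather than an access control.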
Modes of Introduction:
Phase: Implementation
Note: This problem is frequently found when the regular expression is used in input validation or security features such as authentication.
Common Consequences:
Scope: Access Control. Impact: Bypass Protection Mechanism.
Detection Methods:
Automated Static Analysis: Automated static a
CWE-185: Incorrect Regular Expression
The product specifies a regular expression in a way that causes data to be improperly matched or compared.
When the regular expression is used in protection mechanisms such as filtering or validation, this may allow an attacker to bypass the intended restrictions on the incoming data.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Other. Impact: Unexpected State, Varies by Context. When the regular expression is not correctly specified, data might have a different format or type than the rest of the program expects, producing resultant weaknesses or errors.
Scope: Access Control. Impact: Bypass Protection Mechanism. In PHP, regular expression checks can sometimes be bypassed with a null byte, leading to any number of weakn
http://archives.neohapsis.com/archives/bugtraq/2002-01/0307.html
http://worldwidemart.com/scripts/formmail.shtml
http://www.iss.net/security_center/static/8012.php
http://www.securityfocus.com/bid/3954