CVE-2013-2652
Published Nov 2, 2013
Last updated 7 years ago
Overview
- Description
- CRLF injection vulnerability in help/help_language.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4AE9C3F3-A5CA-41A7-A169-C2233E261774",
"versionEndIncluding": "3.30"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.3:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F626958-EAFC-4253-AB63-91ECC3256FCD"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79ED3647-D7BB-406B-A434-26940021B524"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.31:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A07E6B8-56CE-4746-948C-3213BD028934"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.32:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0AFAE26F-7A1A-4CB9-BB7B-2EEFD25C202D"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6831C0CE-B803-4D01-9071-D601A59631A6"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.41:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B534844-C170-4CB2-9CD7-2CF07A256F09"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A2DD0ED-4234-4629-BAF8-99858623DCFB"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "026D8728-5028-4D65-8399-32054DC6B902"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.51:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37237E21-E1DB-4C49-AFF3-DA5E39DEB3BC"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.60:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E737B666-ECAE-4736-B634-AA446AB0DCDC"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.60a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F361DCA3-FF38-445E-B387-06805CD9C397"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.61:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0108B5F5-BD5F-4474-916C-060A1C4C4DB7"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.62:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9C494CC-1EA7-4071-9037-1FC5429329DA"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.62a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF4D7988-C646-4833-B2BF-9A08E7B713AD"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.70:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30C74CEE-76DC-4F31-93C5-6AF4575CDB64"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.71:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39B33962-09F1-4221-B503-FBB232D89690"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.71a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E2C93B3-3C46-4653-86E5-6905DEEF3FD6"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.80:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F41DEA9-C367-4025-9598-9CD0DB8F9C32"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:1.81:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A45D33B2-9A6E-4F7B-9C6F-35A3C19A53B0"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0EDBA3DC-44E8-4148-98B5-64D6AC52B220"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B48C7EA8-40BE-41CC-AAAB-8A46172F7EB3"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9A4BDFD-C204-4142-84CD-83A13120CE69"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2EC367F1-7BCD-4D5E-955E-4949B4AB44F6"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "35368D38-7D8C-4338-A54E-9EEA5257C87A"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9840E707-2DCC-4585-A74D-CAC8A93D1738"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.31:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "817D79BC-7532-4797-85C9-79D5BC27BA8E"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF67AA63-67C5-4F04-919A-4DBE44977BCA"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "821B6975-0624-47BF-8B0B-849FFB7A6CF9"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.60:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92E62E01-B1B5-4D61-A4B2-4760C4F987CB"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.61:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6146A795-BE5F-4D6A-988A-91007AE9D831"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.70:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBF2FDA4-FF8B-47FA-B4AA-A37EFD643796"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:2.71:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67E95822-2BB3-44E5-91FE-5630B73682DD"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:3.00:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC88CD93-4A39-440B-BFCE-7715C2359B55"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:3.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F92634D-311F-484B-80ED-D199E285D4A0"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:3.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66550AA1-E86E-4E2D-A819-664AF3DE49D2"
},
{
"criteria": "cpe:2.3:a:andrew_simpson:webcollab:3.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78B2DD63-9587-4BAE-AB47-3790FAA0A351"
}
],
"operator": "OR"
}
]
}
]