Published: 09/06/2006 Updated: 07/11/2023

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 231

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Sylpheed-Claws prior to 2.2.2 and Sylpheed prior to 2.2.6 allow remote malicious users to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sylpheed sylpheed
sylpheed sylpheed 2.1.2
sylpheed sylpheed 2.0
sylpheed-claws sylpheed-claws 0.9.4
sylpheed-claws sylpheed-claws 0.9.5
sylpheed-claws sylpheed-claws 0.9.6
sylpheed-claws sylpheed-claws
sylpheed sylpheed 2.0.1
sylpheed sylpheed 2.0.2
sylpheed sylpheed 2.1.1
sylpheed sylpheed 2.1.3
sylpheed sylpheed 2.1.5
sylpheed sylpheed 2.1.4
sylpheed-claws sylpheed-claws 1.0.2
sylpheed sylpheed 2.0.3
sylpheed sylpheed 2.1

Debian Bug report logs - #372889 sylpheed-claws-gtk2: CVE-2006-2920: URI bypass Package: sylpheed-claws-gtk2; Maintainer for sylpheed-claws-gtk2 is (unknown); Reported by: Alec Berryman <alec@thenednet> Date: Mon, 12 Jun 2006 12:03:17 UTC Severity: serious Tags: confirmed, fixed-upstream, patch, security Fixed in version ...

CWE-20 http://sourceforge.net/project/shownotes.php?release_id=422662&group_id=25528 http://secunia.com/advisories/20476 http://secunia.com/advisories/20577 http://www.vupen.com/english/advisories/2006/2283 http://www.vupen.com/english/advisories/2006/2173 https://exchange.xforce.ibmcloud.com/vulnerabilities/27089 http://sylpheed.good-day.net/en/news.html%5C https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=372889 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-2920

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect