CVE-2002-1771 Information

Description

Matt Wright FormMail 1.9 and earlier allows remote attackers to send spam or anonymous e-mail by injecting a newline character followed by CC: BCC: or additional TO: fields in the email and realname CGI variables.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-01/0307.html http://www.scriptarchive.com/readme/formmail.htmlhistory http://www.securityfocus.com/bid/3955 https://exchange.xforce.ibmcloud.com/vulnerabilities/8013