CVE-2005-2060 Information

Description

Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php (2) togglecats.php and (3) showprofile.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to spoof web content and poison web caches via CRLF (\0d0a) sequences in the Cat parameter.

Reference

http://marc.info/?l=bugtraq&m=111963737202040&w=2 http://www.gulftech.org/?node=research&article_id=00084-06232005 http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/Post42351