• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description in FormMail 1.6 and earlier allows a remote attacker to send anonymous email (spam) by modifying the recipient and message parameters.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20010524 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20060526)
Votes (Legacy)
ACCEPT(2) Baker, Frech
NOOP(6) Bishop, Christey, Cole, Foat, Wall, Ziese
REVIEWING(1) Williams
Comments (Legacy)
   I think from the discussion on the Bugtraq list, there is sufficient verfication that this
   is a real problem, and well-known.  There are a couple of work arounds
   described in the posts, so this should be accepted.
 Christey> Fix typo: "paramaters"
 Christey> Fix typo: "paramater"
 Christey> The following references discuss this problem and/or later
   variants of it, up to version 1.9.

Proposed (Legacy)
This is an entry on the CVE list, which standardizes names for security problems.