• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description in FormMail 1.6 and earlier allows a remote attacker to send anonymous email (spam) by modifying the recipient and message parameters.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Record Created
20010524 Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20060526)
Votes (Legacy)
ACCEPT(2) Baker, Frech
NOOP(6) Bishop, Christey, Cole, Foat, Wall, Ziese
REVIEWING(1) Williams
Comments (Legacy)
   I think from the discussion on the Bugtraq list, there is sufficient verfication that this
   is a real problem, and well-known.  There are a couple of work arounds
   described in the posts, so this should be accepted.
 Christey> Fix typo: "paramaters"
 Christey> Fix typo: "paramater"
 Christey> The following references discuss this problem and/or later
   variants of it, up to version 1.9.

Proposed (Legacy)
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.