CVE-2005-3982

Publication date 4 December 2005

Last updated 17 July 2025

Ubuntu priority

Description

CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
webcalendar	7.04 feisty	Not in release
	6.10 edgy	Fixed 1.0.2-2.1
	6.06 LTS dapper	Fixed 1.0.2-2.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2005-3982