Lucene search

[email protected]CVE-2004-1982

HistoryMay 03, 2004 - 4:00 a.m.

CVE-2004-1982

2004-05-0304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

yabb

post.pl

remote code modification

vulnerability

cve-2004-1982

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

86.0%

JSON

Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify records in the board’s .txt file via carriage return characters in the subject field.

CPENameOperatorVersion
yabb:yabbyabbeq1_gold_-_sp_1
yabb:yabbyabbeq1_gold_-_sp_1.2

CPE	Name	Operator	Version
yabb:yabb	yabb	eq	1_gold_-_sp_1
yabb:yabb	yabb	eq	1_gold_-_sp_1.2

References

marc.info/?l=bugtraq&m=108360430703935&w=2

secunia.com/advisories/12609

www.securityfocus.com/bid/10263

www.yabbforum.com/community/YaBB.pl?board=general%3Baction=display%3Bnum=1093133233

exchange.xforce.ibmcloud.com/vulnerabilities/16050

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

86.0%

JSON

Related for CVE-2004-1982

cvelist1