Lucene search

[email protected]CVE-2006-3671

HistoryJul 18, 2006 - 3:47 p.m.

CVE-2006-3671

2006-07-1815:47:00

[email protected]

web.nvd.nist.gov

cve-2006-3671

csrf

vulnerability

estmaster.c

hyper estraier

unauthorized actions

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

84.9%

JSON

Cross-site request forgery (CSRF) vulnerability in the communicate function in estmaster.c for Hyper Estraier before 1.3.3 allows remote attackers to perform unauthorized actions as other users via unknown vectors.

Affected configurations

NVD

Node

hyper_estraierhyper_estraierRange≤1.3.2

hyper_estraierhyper_estraierMatch1.0

hyper_estraierhyper_estraierMatch1.0.1

hyper_estraierhyper_estraierMatch1.0.2

hyper_estraierhyper_estraierMatch1.0.3

hyper_estraierhyper_estraierMatch1.0.4

hyper_estraierhyper_estraierMatch1.0.5

hyper_estraierhyper_estraierMatch1.0.6

hyper_estraierhyper_estraierMatch1.1.0

hyper_estraierhyper_estraierMatch1.1.1

hyper_estraierhyper_estraierMatch1.1.2

hyper_estraierhyper_estraierMatch1.1.3

hyper_estraierhyper_estraierMatch1.1.4

hyper_estraierhyper_estraierMatch1.1.5

hyper_estraierhyper_estraierMatch1.1.6

hyper_estraierhyper_estraierMatch1.2.1

hyper_estraierhyper_estraierMatch1.2.3

hyper_estraierhyper_estraierMatch1.2.4

hyper_estraierhyper_estraierMatch1.2.5

hyper_estraierhyper_estraierMatch1.2.6

hyper_estraierhyper_estraierMatch1.2.7

hyper_estraierhyper_estraierMatch1.2.8

hyper_estraierhyper_estraierMatch1.2.9

hyper_estraierhyper_estraierMatch1.3.0

hyper_estraierhyper_estraierMatch1.3.1

CPENameOperatorVersion
hyper_estraier:hyper_estraierhyper estraierle1.3.2
hyper_estraier:hyper_estraierhyper estraiereq1.0
hyper_estraier:hyper_estraierhyper estraiereq1.0.1
hyper_estraier:hyper_estraierhyper estraiereq1.0.2
hyper_estraier:hyper_estraierhyper estraiereq1.0.3
hyper_estraier:hyper_estraierhyper estraiereq1.0.4
hyper_estraier:hyper_estraierhyper estraiereq1.0.5
hyper_estraier:hyper_estraierhyper estraiereq1.0.6
hyper_estraier:hyper_estraierhyper estraiereq1.1.0
hyper_estraier:hyper_estraierhyper estraiereq1.1.1

CPE	Name	Operator	Version
hyper_estraier:hyper_estraier	hyper estraier	le	1.3.2
hyper_estraier:hyper_estraier	hyper estraier	eq	1.0
hyper_estraier:hyper_estraier	hyper estraier	eq	1.0.1
hyper_estraier:hyper_estraier	hyper estraier	eq	1.0.2
hyper_estraier:hyper_estraier	hyper estraier	eq	1.0.3
hyper_estraier:hyper_estraier	hyper estraier	eq	1.0.4
hyper_estraier:hyper_estraier	hyper estraier	eq	1.0.5
hyper_estraier:hyper_estraier	hyper estraier	eq	1.0.6
hyper_estraier:hyper_estraier	hyper estraier	eq	1.1.0
hyper_estraier:hyper_estraier	hyper estraier	eq	1.1.1

Rows per page:

1-10 of 251

References

secunia.com/advisories/21049

sourceforge.net/project/shownotes.php?release_id=432119

www.vupen.com/english/advisories/2006/2827

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

84.9%

JSON

Related for CVE-2006-3671

debiancve1 ubuntucve1 cvelist1 nvd1