Lucene search

[email protected]CVE-2006-5909

HistoryNov 15, 2006 - 3:07 p.m.

CVE-2006-5909

2006-11-1515:07:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2006-5909

generaloptions.php

scarf

remote attackers

reconfigure

user accounts

admin privilege

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.034 Low

EPSS

Percentile

91.5%

JSON

generaloptions.php in Paul Tarjan Stanford Conference And Research Forum (SCARF) before 20070227 does not require the admin privilege, which allows remote attackers to reconfigure the application or its user accounts.

Affected configurations

NVD

Node

paul_tarjanstanford_conference_and_research_forumMatchbeta

CPENameOperatorVersion
paul_tarjan:stanford_conference_and_research_forumpaul tarjan stanford conference and research forumeqbeta

CPE	Name	Operator	Version
paul_tarjan:stanford_conference_and_research_forum	paul tarjan stanford conference and research forum	eq	beta

References

secunia.com/advisories/24311

sourceforge.net/project/shownotes.php?group_id=177652&release_id=489633

www.securityfocus.com/archive/1/450679/100/0/threaded

www.securityfocus.com/archive/1/460196/100/0/threaded

www.securityfocus.com/bid/20934

www.vupen.com/english/advisories/2007/0760

exchange.xforce.ibmcloud.com/vulnerabilities/30037

exchange.xforce.ibmcloud.com/vulnerabilities/32700

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.034 Low

EPSS

Percentile

91.5%

JSON

Related for CVE-2006-5909

nvd1 cvelist1