Lucene search

[email protected]CVE-2007-1182

HistoryMar 02, 2007 - 9:18 p.m.

CVE-2007-1182

2007-03-0221:18:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-1182

webapp

security vulnerability

remote user

guest profile editing

6.9 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

74.8%

JSON

WebAPP before 0.9.9.5 allows remote Guest users to edit a Guest profile, which has unknown impact.

CPENameOperatorVersion
web-app.org:webappweb-app.org webappeq0.9.9.3
web-app.org:webappweb-app.org webappeq0.9.9.3.2
web-app.org:webappweb-app.org webappeq0.9.9.2.1
web-app.org:webappweb-app.org webappeq0.9.9.2
web-app.org:webappweb-app.org webappeq0.9.9.1
web-app.org:webappweb-app.org webappeq0.9.9
web-app.org:webappweb-app.org webappeq0.9.9.3.1
web-app.org:webappweb-app.org webappeq0.9.9.4

CPE	Name	Operator	Version
web-app.org:webapp	web-app.org webapp	eq	0.9.9.3
web-app.org:webapp	web-app.org webapp	eq	0.9.9.3.2
web-app.org:webapp	web-app.org webapp	eq	0.9.9.2.1
web-app.org:webapp	web-app.org webapp	eq	0.9.9.2
web-app.org:webapp	web-app.org webapp	eq	0.9.9.1
web-app.org:webapp	web-app.org webapp	eq	0.9.9
web-app.org:webapp	web-app.org webapp	eq	0.9.9.3.1
web-app.org:webapp	web-app.org webapp	eq	0.9.9.4

References

osvdb.org/33292

secunia.com/advisories/24080

www.securityfocus.com/bid/22563

www.vupen.com/english/advisories/2007/0604

www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250

6.9 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

74.8%

JSON

Related for CVE-2007-1182

prion1 securityvulns1