Lucene search

[email protected]CVE-2007-3643

HistoryJul 10, 2007 - 1:30 a.m.

CVE-2007-3643

2007-07-1001:30:00

[email protected]

web.nvd.nist.gov

av arcade

2.1b

admin/index.php

remote code execution

cve-2007-3643

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

admin/index.php in AV Arcade 2.1b grants administrative privileges when the ava_userid cookie value is 1, which allows remote attackers to perform certain administrative actions.

Affected configurations

NVD

Node

av_scriptsav_arcadeMatch2.1b

CPENameOperatorVersion
av_scripts:av_arcadeav scripts av arcadeeq2.1b

CPE	Name	Operator	Version
av_scripts:av_arcade	av scripts av arcade	eq	2.1b

References

osvdb.org/38952

securityreason.com/securityalert/2871

www.securityfocus.com/archive/1/472666/100/0/threaded

www.securityfocus.com/bid/24736/info

exchange.xforce.ibmcloud.com/vulnerabilities/35234

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

Related for CVE-2007-3643

prion1 cvelist1 nvd1