Lucene search

[email protected]CVE-2007-4374

HistoryAug 16, 2007 - 6:17 p.m.

CVE-2007-4374

2007-08-1618:17:00

[email protected]

web.nvd.nist.gov

cve-2007-4374

babo violent 2

message spoofing

authentication bypass

nvd

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.9%

JSON

Babo Violent 2 2.08.00 does not validate the sender field of a chat message composed by a client, which allows remote authenticated users to spoof messages.

Affected configurations

NVD

Node

rndlabsbabo_violentRange≤2.2.08.00

CPENameOperatorVersion
rndlabs:babo_violentrndlabs babo violentle2.2.08.00

CPE	Name	Operator	Version
rndlabs:babo_violent	rndlabs babo violent	le	2.2.08.00

References

aluigi.altervista.org/adv/bv2x-adv.txt

securityreason.com/securityalert/3024

www.securityfocus.com/archive/1/476520/100/0/threaded

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

57.9%

JSON

Related for CVE-2007-4374

prion1 cvelist1 nvd1