Lucene search

MitreCVE-2007-6237

HistoryDec 04, 2007 - 6:46 p.m.

CVE-2007-6237

2007-12-0418:46:00

CWE-287

mitre

web.nvd.nist.gov

cve-2007-6237

deluxebb 1.09

cp.php

membercookie

e-mail addresses

profile update

remote authenticated users

administrative access

password-reset

vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.05

Percentile

92.9%

JSON

cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a profile update, which allows remote authenticated users to change the e-mail addresses of arbitrary accounts via a modified membercookie parameter, a different vector than CVE-2006-4078. NOTE: this can be leveraged for administrative access by requesting password-reset e-mail through a lostpw action to misc.php.

Affected configurations

Nvd

Node

deluxebbdeluxebbMatch1.09

VendorProductVersionCPE
deluxebbdeluxebb1.09cpe:2.3:a:deluxebb:deluxebb:1.09:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
deluxebb	deluxebb	1.09	cpe:2.3:a:deluxebb:deluxebb:1.09:::::::*

References

secunia.com/advisories/27794

securityreason.com/securityalert/3416

www.securityfocus.com/archive/1/484205/100/0/threaded

www.securityfocus.com/bid/26572

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.05

Percentile

92.9%

JSON

Related for CVE-2007-6237