Lucene search

[email protected]CVE-2008-3072

HistoryJul 08, 2008 - 6:41 p.m.

CVE-2008-3072

2008-07-0818:41:00

NVD-CWE-noinfo

CWE-189

[email protected]

web.nvd.nist.gov

cve-2008-3072

simple machines forum

smf

php security

random number generator

nvd

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.4%

JSON

Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13, when running in PHP before 4.2.0, does not properly seed the random number generator, which has unknown impact and attack vectors.

CPENameOperatorVersion
simple_machines:simple_machines_forumsimple machines simple machines forumle1.0.12
simple_machines:simple_machines_forumsimple machines simple machines forumle1.1.4

CPE	Name	Operator	Version
simple_machines:simple_machines_forum	simple machines simple machines forum	le	1.0.12
simple_machines:simple_machines_forum	simple machines simple machines forum	le	1.1.4

References

secunia.com/advisories/30955

www.simplemachines.org/community/index.php?P=c3696c2022b54fa50c5f341bf5710aa3&topic=236816.0

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.4%

JSON

Related for CVE-2008-3072

cvelist1 prion1