Lucene search

[email protected]CVE-2008-7216

HistorySep 11, 2009 - 4:30 p.m.

CVE-2008-7216

2009-09-1116:30:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-7216

nvd

wordpress

captcha

audio

remote attack

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.6%

JSON

Peter’s Math Anti-Spam Spinoff plugin for WordPress generates audio CAPTCHA clips by concatenating static audio files without any additional distortion, which allows remote attackers to bypass CAPTCHA protection by reading certain bytes from the generated clip.

Affected configurations

NVD

Node

wordpresspeter\'s_math_anti-spam_for_wordpressMatch-

CPENameOperatorVersion
wordpress:peter\'s_math_anti-spam_for_wordpresswordpress peter's math anti-spam for wordpresseq-

CPE	Name	Operator	Version
wordpress:peter\'s_math_anti-spam_for_wordpress	wordpress peter's math anti-spam for wordpress	eq	-

References

docs.google.com/View?docid=df36cd52_19xzmkwqcg

www.securityfocus.com/archive/1/486331/100/200/threaded

www.securityfocus.com/bid/27287

exchange.xforce.ibmcloud.com/vulnerabilities/39688

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.6%

JSON

Related for CVE-2008-7216

nvd1 patchstack1 prion1 cvelist1