Lucene search

K

MitreCVELIST:CVE-2007-2233

HistoryApr 25, 2007 - 3:00 p.m.

CVE-2007-2233

2007-04-2515:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

cosign-bin/cosign.cgi in Cosign 2.0.2 and earlier allows remote authenticated users to perform unauthorized actions as an arbitrary user by using CR (\r) sequences in the service parameter to inject LOGIN and REGISTER commands with the desired username.

References

secunia.com/advisories/24845

www.securityfocus.com/archive/1/465386/100/100/threaded

www.umich.edu/~umweb/software/cosign/cosign-vuln-2007-002.txt

www.vupen.com/english/advisories/2007/1359

6.6 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

Related for CVELIST:CVE-2007-2233

cve1 prion1 nvd1