Lucene search
HistoryMay 03, 2005 - 4:00 a.m.
CVE-2005-0157
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
56.8%
The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned.
Affected configurations
Node
smartlistsmartlistRange≤3.15
References
Related
openvas
openvas
Debian: Security Advisory (DSA-720-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 720-1 (smartlist)
2008-01-17 00:00:00
debian
debian
nessus
nessus
Debian DSA-720-1 : smartlist - wrong input processing
2005-05-04 00:00:00
cve
cve
CVE-2005-0157
2005-05-03 04:00:00
debiancve
debiancve
CVE-2005-0157
2005-05-03 04:00:00
cvelist
cvelist
CVE-2005-0157
2005-05-03 04:00:00
ubuntucve
ubuntucve
CVE-2005-0157
2005-05-03 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
56.8%
Related for NVD:CVE-2005-0157