Lucene search

K

PRIOn knowledge basePRION:CVE-2014-9037

HistoryNov 25, 2014 - 11:59 p.m.

Design/Logic Flaw

2014-11-2523:59:00

PRIOn knowledge base

www.prio-n.com

4

7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.1%

WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash.

CPENameOperatorVersion
debian_linuxeq8.0
debian_linuxeq7.0
mageiaeq4
mageiaeq3
wordpresseq3.8.3
wordpresseq3.9.2
wordpresseq3.8.2
wordpresseq4.0
wordpresseq3.8
wordpresseq3.8.1

Rows per page:

1-10 of 141

References

advisories.mageia.org/MGASA-2014-0493.html

openwall.com/lists/oss-security/2014/11/25/12

www.debian.org/security/2014/dsa-3085

www.mandriva.com/security/advisories?name=MDVSA-2014:233

www.securitytracker.com/id/1031243

wordpress.org/news/2014/11/wordpress-4-0-1/

7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.1%

Related for PRION:CVE-2014-9037

ubuntucve1 patchstack1 debiancve1 cve1 openvas7 nessus9 osv2 fedora3 debian2 freebsd1 securityvulns2 mageia1