Lucene search
Redhat.comRH:CVE-2008-3747HistoryOct 04, 2019 - 8:25 p.m.
CVE-2008-3747
2019-10-0420:25:44
redhat.com
access.redhat.com
10
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.006
Percentile
77.8%
The (1) get_edit_post_link and (2) get_edit_comment_link functions in wp-includes/link-template.php in WordPress before 2.6.1 do not force SSL communication in the intended situations, which might allow remote attackers to gain administrative access by sniffing the network for a cookie.
Related
fedora
fedora
[SECURITY] Fedora 8 Update: wordpress-2.6.1-1.fc8
2008-09-10 07:24:48
[SECURITY] Fedora 9 Update: wordpress-2.6.1-1.fc9
2008-09-05 12:22:05
[SECURITY] Fedora 9 Update: wordpress-2.6.1-1.fc9
2008-09-10 06:56:05
openvas
openvas
WordPress <= 2.6.1 Multiple Vulnerabilities
2008-09-25 00:00:00
Fedora Update for wordpress FEDORA-2008-7279
2009-02-17 00:00:00
Fedora Update for wordpress FEDORA-2008-7279
2009-02-17 00:00:00
cve
cve
CVE-2008-3747
2008-08-27 15:21:00
nessus
nessus
Fedora 8 : wordpress-2.6.1-1.fc8 (2008-7463)
2008-09-10 00:00:00
Fedora 9 : wordpress-2.6.1-1.fc9 (2008-7279)
2008-09-08 00:00:00
patchstack
patchstack
WordPress <= 2.6.0 - Multiple vulnerabilities
2008-08-20 00:00:00
debiancve
debiancve
CVE-2008-3747
2008-08-27 15:21:00
cvelist
cvelist
CVE-2008-3747
2008-08-27 15:00:00
prion
prion
Code injection
2008-08-27 15:21:00
ubuntucve
ubuntucve
CVE-2008-3747
2008-08-27 00:00:00
nvd
nvd
CVE-2008-3747
2008-08-27 15:21:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.006
Percentile
77.8%
Related for RH:CVE-2008-3747