Lucene search
Ubuntu.comUB:CVE-2005-3416HistoryNov 01, 2005 - 12:00 a.m.
CVE-2005-3416
2005-11-0100:00:00
ubuntu.com
ubuntu.com
9
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.013
Percentile
85.9%
phpBB 2.0.17 and earlier, when register_globals is enabled and the
session_start function has not been called to handle a session, allows
remote attackers to bypass security checks by setting the $_SESSION and
$HTTP_SESSION_VARS variables to strings instead of arrays, which causes an
array_merge function call to fail.
Related
nvd
nvd
CVE-2005-3416
2005-11-01 21:02:00
cvelist
cvelist
CVE-2005-3416
2005-11-01 21:00:00
cve
cve
CVE-2005-3416
2005-11-01 21:02:00
nessus
nessus
phpBB <= 2.0.17 Multiple Vulnerabilities
2005-11-02 00:00:00
FreeBSD : phpbb -- multiple vulnerabilities (28c9243a-72ed-11da-8c1d-000e0c2e438a)
2006-05-13 00:00:00
Debian DSA-925-1 : phpbb2 - several vulnerabilities
2006-10-14 00:00:00
openvas
openvas
FreeBSD Ports: phpbb, zh-phpbb-tw
2008-09-04 00:00:00
Debian: Security Advisory (DSA-925-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 925-1 (phpbb2)
2008-01-17 00:00:00
freebsd
freebsd
phpbb -- multiple vulnerabilities
2005-10-24 00:00:00
debian
debian
[SECURITY] [DSA 925-1] New phpbb2 packages fix several vulnerabilities
2005-12-22 08:19:09
[SECURITY] [DSA 925-1] New phpbb2 packages fix several vulnerabilities
2005-12-22 08:19:09
osv
osv
phpbb2 - several
2005-12-22 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.013
Percentile
85.9%
Related for UB:CVE-2005-3416