Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0995

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0995
Last Modified 05 Sep 2008 04:25:25
Published 31 Aug 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0995

Summary

PHProjekt before 2.4a allows remote attackers to perform actions as other PHProjekt users by modifying the ID number in an HTTP request to PHProjekt CGI programs.

Vulnerable Systems

Application

  • Phpprojekt 2.0

  • Phpprojekt 2.0.1

  • Phpprojekt 2.1

  • Phpprojekt 2.1a

  • Phpprojekt 2.2

  • Phpprojekt 2.3

  • Phpprojekt 2.4a


References

XF - phprojekt-id-modify(7035)

BID - 3239

BUGTRAQ - 20010826 security hole in os groupware suite PHProjekt

MISC - http://www.phprojekt.com/ChangeLog


Last Updated: 27 May 2016 10:36:28