Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1350

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2003-1350
Last Modified 05 Sep 2008 12:00:00
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-1350

Summary

List Site Pro 2.0 allows remote attackers to hijack user accounts by inserting a "|" (pipe), which is used as a field delimiter, into the bannerurl field.

Vulnerable Systems

Application

  • List Site Pro 2.0


References

XF - listsitepro-account-hijacking(11156)

BID - 6685

BUGTRAQ - 20030124 List Site Pro v2 user account Hijacking vulnerablity

SREASON - 3230


Last Updated: 27 May 2016 10:38:20