Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1982

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1982
Last Modified 05 Sep 2008 04:42:52
Published 03 May 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1982

Summary

Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify records in the board's .txt file via carriage return characters in the subject field.

Vulnerable Systems

Application

  • Yabb 1 Gold - Sp 1

  • Yabb 1 Gold - Sp 1.2


References

XF - yabb-subject-modify-file(16050)

BID - 10263

SECUNIA - 12609

BUGTRAQ - 20040502 Vulnerability in YaBB forum (Perl version without SQL)

CONFIRM - http://www.yabbforum.com/community/YaBB.pl?board=general;action=display;num=1093133233


Last Updated: 27 May 2016 10:39:16