Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2140

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2140
Last Modified 10 Sep 2008 03:33:01
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2140

Summary

CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable.

Vulnerable Systems

Application

  • Yabb 1 Gold - Sp 1.3

  • Yabb 1 Gold - Sp 1.3.1


References

CONFIRM - http://www.yabbforum.com/community/YaBB.pl?board=general;action=display;num=1093133233

SECUNIA - 12609


Last Updated: 27 May 2016 10:39:21