Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4073

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-4073
Last Modified 15 Nov 2008 01:55:13
Published 30 Jul 2007 01:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4073

Summary

Webbler CMS before 3.1.6 does not properly restrict use of "mail a friend" forms, which allows remote attackers to send arbitrary amounts of forged e-mail. NOTE: this could be leveraged for spam or phishing attacks.

Vulnerable Systems

Application

  • Tincan Webbler Cms 3.1.4


References

BUGTRAQ - 20070724 PR07-21: Webbler CMS forms are susceptible to spamming and phishing abuses

MISC - http://www.procheckup.com/Vulner_2007.php

MISC - http://tincan.co.uk/?lid=1975

OSVDB - 38994

SREASON - 2955


Last Updated: 27 May 2016 10:45:46