Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4230

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-4230
Last Modified 15 Nov 2008 01:56:17
Published 08 Aug 2007 06:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4230

Summary

** DISPUTED ** BellaBiblio allows remote attackers to gain administrative privileges via a bellabiblio cookie with the value "administrator." NOTE: this issue is disputed by CVE and multiple third parties because the cookie value must be an MD5 hash.

Vulnerable Systems

Application

  • Jems Scripts Bellabiblio


References

BID - 25140

BUGTRAQ - 20070730 BellaBiblio Admin Login Bypass

VIM - 20070731 WTF: BellaBiblio Admin Login Bypass

OSVDB - 39032

SREASON - 2991


Last Updated: 27 May 2016 10:45:48