Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5644

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5644
Last Modified 05 Sep 2008 05:31:18
Published 23 Oct 2007 05:47:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5644

Summary

Lussumo Vanilla 1.1.3 and earlier does not require admin privileges for (1) ajax/sortcategories.php and (2) ajax/sortroles.php, which allows remote attackers to conduct unauthorized sort operations and other activities.

Vulnerable Systems

Application

  • Lussumo Vanilla 1.1.3


References

MILW0RM - 4548


Last Updated: 27 May 2016 10:46:14