Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1627

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2008-1627
Last Modified 05 Sep 2008 05:38:14
Published 02 Apr 2008 01:44:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2008-1627

Summary

CDS Invenio 0.92.1 and earlier allows remote authenticated users to delete email notification alerts of arbitrary users via a modified internal UID.

Vulnerable Systems

Application

  • Cds Software Consortium Invenio 0.92.1


References

SECUNIA - 29521

CONFIRM - http://cdsware.cern.ch/lists/project-cdsware-announce/archive/msg00021.shtml

CONFIRM - http://cdsware.cern.ch/invenio/news.html

XF - cdsinvenio-alert-weak-security(41546)

BID - 28514


Last Updated: 27 May 2016 10:47:36