Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2276

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-2276
Last Modified 08 Apr 2009 01:25:45
Published 16 May 2008 08:54:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2276

Summary

Cross-site request forgery (CSRF) vulnerability in manage_user_create.php in Mantis 1.1.1 allows remote attackers to create new administrative users via a crafted link.

Vulnerable Systems

Application

  • Matisbt Mantis 1.1.1


References

FEDORA - FEDORA-2008-6657

FEDORA - FEDORA-2008-6647

VUPEN - ADV-2008-1598

BID - 29297

MILW0RM - 5657

GENTOO - GLSA-200809-10

CONFIRM - http://sourceforge.net/project/shownotes.php?group_id=14963&release_id=595025

SECUNIA - 31972

SECUNIA - 31171

SECUNIA - 30270

BUGTRAQ - 20080520 Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities

XF - mantis-usercreate-csrf(42447)


Last Updated: 27 May 2016 10:47:48