Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4929

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-4929
Last Modified 07 Mar 2011 10:13:31
Published 04 Nov 2008 04:00:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4929

Summary

MyBB (aka MyBulletinBoard) 1.4.2 uses insufficient randomness to compose filenames of uploaded files used as attachments, which makes it easier for remote attackers to read these files by guessing filenames.

Vulnerable Systems

Application

  • Mybb 1.4.2


References

VUPEN - ADV-2008-2967

BID - 31936

MLIST - [oss-security] 20081101 CVE request (Fwd: MyBB 1.4.2: Multiple Vulnerabilties)

FULLDISC - 20081027 MyBB 1.4.2: Multiple Vulnerabilties


Last Updated: 27 May 2016 10:48:40