Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6470

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-6470
Last Modified 19 Aug 2009 01:23:54
Published 13 Mar 2009 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6470

Summary

Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to obtain sensitive information, and possibly have unknown other impact, via vectors related to "javascript insert" and the (1) mods/messages/getusers.php and (2) mods/abcode/listimg.php files. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Clansphere 2007.3.1

  • Clansphere 2007.4

  • Clansphere 2007.4.1

  • Clansphere 2007.4.2

  • Clansphere 2007.4.3

  • Clansphere 2007.4.4

  • Clansphere 2008


References

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=627530

XF - clansphere-unspecified-info-disclosure(45269)

BID - 31293

CONFIRM - http://www.clansphere.net/index/news/view/id/306

CONFIRM - http://www.clansphere.net/index/news/view/id/289

SECUNIA - 31965

OSVDB - 48451


Last Updated: 27 May 2016 10:49:12