Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6587


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-6587
Last Modified 06 Apr 2009 12:00:00
Published 03 Apr 2009 02:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze (formerly Azureus HTML WebUI), probably 0.7.6, allows remote attackers to hijack the authentication of users for requests that force the download of arbitrary torrent files via the upurl parameter.

Vulnerable Systems


  • Vuze 0.7.6


XF - torrentflux-admin-csrf(41926)

BID - 28848

BUGTRAQ - 20080418 BitTorrent Clients and CSRF

Last Updated: 27 May 2016 10:49:14