Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7241

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-7241
Last Modified 18 Sep 2009 12:00:00
Published 17 Sep 2009 02:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-7241

Summary

Cross-site request forgery (CSRF) vulnerability in PunBB before 1.2.17 allows remote attackers to hijack the authentication of unspecified users for requests related to a logout, probably a forced logout.

Vulnerable Systems

Application

  • Punbb 1.0

  • Punbb 1.1

  • Punbb 1.1.1

  • Punbb 1.1.2

  • Punbb 1.1.3

  • Punbb 1.1.4

  • Punbb 1.1.5

  • Punbb 1.2

  • Punbb 1.2.1

  • Punbb 1.2.10

  • Punbb 1.2.11

  • Punbb 1.2.12

  • Punbb 1.2.13

  • Punbb 1.2.14

  • Punbb 1.2.15

  • Punbb 1.2.16

  • Punbb 1.2.2

  • Punbb 1.2.3

  • Punbb 1.2.4

  • Punbb 1.2.5

  • Punbb 1.2.6

  • Punbb 1.2.7

  • Punbb 1.2.8

  • Punbb 1.2.9


References

CONFIRM - http://punbb.informer.com/download/changelogs/1.2.16_to_1.2.17.txt

OSVDB - 48685


Last Updated: 27 May 2016 10:49:31