Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1752

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2009-1752
Last Modified 22 May 2009 12:00:00
Published 22 May 2009 07:52:39
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1752

Summary

exJune Office Message System 1 does not properly restrict access to (1) configure.asp and (2) addmessage2.asp, which allows remote attackers to gain privileges a direct request. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Exjune Office Message System 1


References

XF - oms-configure-addmessage2-security-bypass(50647)

MILW0RM - 8744

SECUNIA - 35172


Last Updated: 27 May 2016 10:50:40