Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2005

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2009-2005
Last Modified 09 Jun 2009 12:00:00
Published 08 Jun 2009 03:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-2005

Summary

Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors.

Vulnerable Systems

Application

  • Dokeos 1.8.5


References

VUPEN - ADV-2009-1300

CONFIRM - http://www.dokeos.com/wiki/index.php/Security#Dokeos_1.8

BID - 34928

SECUNIA - 34879

MISC - http://holisticinfosec.org/content/view/112/45/


Last Updated: 27 May 2016 10:50:44