Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-3112

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-3112
Last Modified 10 Sep 2009 12:00:00
Published 09 Sep 2009 03:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-3112

Summary

Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter.

Vulnerable Systems

Application

  • Oxidforge Oxid Eshop 4.0.0.0 13895

  • Oxidforge Oxid Eshop 4.0.0.0 13934

  • Oxidforge Oxid Eshop 4.0.0.0 14260

  • Oxidforge Oxid Eshop 4.0.0.1 14455

  • Oxidforge Oxid Eshop 4.0.0.2 14842

  • Oxidforge Oxid Eshop 4.0.0.2 14967

  • Oxidforge Oxid Eshop 4.0.1.0 15990

  • Oxidforge Oxid Eshop 44.0.1.0 15990

  • Oxidforge Oxid Eshop4.0.0.2 14967


References

CONFIRM - http://www.oxidforge.org/wiki/Security_bulletins/2009-001


Last Updated: 27 May 2016 10:51:08