Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 6.8
CVE Id: CVE-2012-1236
Last Modified: 08 Jun 2012 11:41:31
Published: 19 Mar 2012 05:55:01
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE

CVE-2012-1236

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in Janetter before 3.3.0.0 (aka 3.3.0) allow remote attackers to hijack the authentication of arbitrary users for requests that (1) tweet, (2) upload an image file, or (3) execute arbitrary commands.

Vulnerable Systems

Application

  • Janetter 1.0.0.0

  • Janetter 1.1.0.0

  • Janetter 1.2.0.0

  • Janetter 1.2.1.0

  • Janetter 1.3.0.0

  • Janetter 1.4.0.0

  • Janetter 1.5.0.0

  • Janetter 1.6.0.0

  • Janetter 1.6.1.0

  • Janetter 1.6.2.0

  • Janetter 1.6.3.0

  • Janetter 1.7.0.0

  • Janetter 1.7.1.0

  • Janetter 1.7.2.0

  • Janetter 2.0.0.1

  • Janetter 2.0.1.0

  • Janetter 2.0.2.0

  • Janetter 2.0.3.0

  • Janetter 2.1.0.0

  • Janetter 2.1.1.0

  • Janetter 2.1.1.1

  • Janetter 2.1.1.2

  • Janetter 2.2.0.0

  • Janetter 2.3.0.0

  • Janetter 2.4.0.0

  • Janetter 2.5.0.0

  • Janetter 2.5.1.0

  • Janetter 3.0.0.0

  • Janetter 3.1.0.0

  • Janetter 3.1.0.1

  • Janetter 3.1.1.0

  • Janetter 3.2.0.0

  • Janetter 3.2.1.0

  • Janetter 3.2.1.1


References

JVNDB - JVNDB-2012-000027

JVN - JVN#83459967

CONFIRM - http://janetter.net/history.html

CONFIRM - http://blog.janetter.net/

SECUNIA - 48480


Last Updated: 27 May 2016 10:42:30