Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-7234

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2013-7234
Last Modified 30 Apr 2014 07:14:53
Published 29 Apr 2014 10:38:47
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-7234

Summary

Simple Machines Forum (SMF) before 1.1.19 and 2.x before 2.0.6 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header.

Vulnerable Systems

Application

  • Simplemachines Simple Machines Forum 1.0

  • Simplemachines Simple Machines Forum 1.0.1

  • Simplemachines Simple Machines Forum 1.0.10

  • Simplemachines Simple Machines Forum 1.0.12

  • Simplemachines Simple Machines Forum 1.0.13

  • Simplemachines Simple Machines Forum 1.0.14

  • Simplemachines Simple Machines Forum 1.0.15

  • Simplemachines Simple Machines Forum 1.0.16

  • Simplemachines Simple Machines Forum 1.0.17

  • Simplemachines Simple Machines Forum 1.0.18

  • Simplemachines Simple Machines Forum 1.0.19

  • Simplemachines Simple Machines Forum 1.0.2

  • Simplemachines Simple Machines Forum 1.0.20

  • Simplemachines Simple Machines Forum 1.0.21

  • Simplemachines Simple Machines Forum 1.0.22

  • Simplemachines Simple Machines Forum 1.0.23

  • Simplemachines Simple Machines Forum 1.0.3

  • Simplemachines Simple Machines Forum 1.0.4

  • Simplemachines Simple Machines Forum 1.0.5

  • Simplemachines Simple Machines Forum 1.0.6

  • Simplemachines Simple Machines Forum 1.0.7

  • Simplemachines Simple Machines Forum 1.0.8

  • Simplemachines Simple Machines Forum 1.0.9

  • Simplemachines Simple Machines Forum 1.1

  • Simplemachines Simple Machines Forum 1.1.1

  • Simplemachines Simple Machines Forum 1.1.10

  • Simplemachines Simple Machines Forum 1.1.11

  • Simplemachines Simple Machines Forum 1.1.12

  • Simplemachines Simple Machines Forum 1.1.13

  • Simplemachines Simple Machines Forum 1.1.14

  • Simplemachines Simple Machines Forum 1.1.15

  • Simplemachines Simple Machines Forum 1.1.16

  • Simplemachines Simple Machines Forum 1.1.17

  • Simplemachines Simple Machines Forum 1.1.2

  • Simplemachines Simple Machines Forum 1.1.3

  • Simplemachines Simple Machines Forum 1.1.4

  • Simplemachines Simple Machines Forum 1.1.5

  • Simplemachines Simple Machines Forum 1.1.6

  • Simplemachines Simple Machines Forum 1.1.7

  • Simplemachines Simple Machines Forum 1.1.8

  • Simplemachines Simple Machines Forum 1.1.9

  • Simplemachines Simple Machines Forum 2.0

  • Simplemachines Simple Machines Forum 2.0.1

  • Simplemachines Simple Machines Forum 2.0.2

  • Simplemachines Simple Machines Forum 2.0.3

  • Simplemachines Simple Machines Forum 2.0.4

  • Simplemachines Simple Machines Forum 2.0.5

  • Simplemachines Simple Machines Forum 2.0.6


References

MLIST - [oss-security] 20131229 Re: CVE request: SMF 1.1.19, 2.0.6

MLIST - [oss-security] 20131230 CVE request: SMF 1.1.19, 2.0.6

MISC - http://www.jakoblell.com/blog/2013/12/13/multiple-vulnerabilities-in-smf-forum-software/

FULLDISC - 20131213 Multiple vulnerabilities in SMF forum software

CONFIRM - http://download.simplemachines.org/index.php?thanks;filename=smf_2-0-6_changelog.txt


Last Updated: 27 May 2016 11:05:08