Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-7236

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2013-7236
Last Modified 30 Apr 2014 07:21:25
Published 29 Apr 2014 10:38:47
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-7236

Summary

Simple Machines Forum (SMF) 2.0.6, 1.1.19, and earlier allows remote attackers to impersonate arbitrary users via a Unicode homoglyph character in a username.

Vulnerable Systems

Application

  • Simplemachines Simple Machines Forum 1.0

  • Simplemachines Simple Machines Forum 1.0.1

  • Simplemachines Simple Machines Forum 1.0.10

  • Simplemachines Simple Machines Forum 1.0.12

  • Simplemachines Simple Machines Forum 1.0.13

  • Simplemachines Simple Machines Forum 1.0.14

  • Simplemachines Simple Machines Forum 1.0.15

  • Simplemachines Simple Machines Forum 1.0.16

  • Simplemachines Simple Machines Forum 1.0.17

  • Simplemachines Simple Machines Forum 1.0.18

  • Simplemachines Simple Machines Forum 1.0.19

  • Simplemachines Simple Machines Forum 1.0.2

  • Simplemachines Simple Machines Forum 1.0.20

  • Simplemachines Simple Machines Forum 1.0.21

  • Simplemachines Simple Machines Forum 1.0.22

  • Simplemachines Simple Machines Forum 1.0.23

  • Simplemachines Simple Machines Forum 1.0.3

  • Simplemachines Simple Machines Forum 1.0.4

  • Simplemachines Simple Machines Forum 1.0.5

  • Simplemachines Simple Machines Forum 1.0.6

  • Simplemachines Simple Machines Forum 1.0.7

  • Simplemachines Simple Machines Forum 1.0.8

  • Simplemachines Simple Machines Forum 1.0.9

  • Simplemachines Simple Machines Forum 1.1

  • Simplemachines Simple Machines Forum 1.1.1

  • Simplemachines Simple Machines Forum 1.1.10

  • Simplemachines Simple Machines Forum 1.1.11

  • Simplemachines Simple Machines Forum 1.1.12

  • Simplemachines Simple Machines Forum 1.1.13

  • Simplemachines Simple Machines Forum 1.1.14

  • Simplemachines Simple Machines Forum 1.1.15

  • Simplemachines Simple Machines Forum 1.1.16

  • Simplemachines Simple Machines Forum 1.1.17

  • Simplemachines Simple Machines Forum 1.1.2

  • Simplemachines Simple Machines Forum 1.1.3

  • Simplemachines Simple Machines Forum 1.1.4

  • Simplemachines Simple Machines Forum 1.1.5

  • Simplemachines Simple Machines Forum 1.1.6

  • Simplemachines Simple Machines Forum 1.1.7

  • Simplemachines Simple Machines Forum 1.1.8

  • Simplemachines Simple Machines Forum 1.1.9

  • Simplemachines Simple Machines Forum 2.0.6


References

MLIST - [oss-security] 20131229 Re: CVE request: SMF 1.1.19, 2.0.6

MLIST - [oss-security] 20131230 CVE request: SMF 1.1.19, 2.0.6

MISC - http://www.jakoblell.com/blog/2013/12/13/multiple-vulnerabilities-in-smf-forum-software/

FULLDISC - 20131213 Multiple vulnerabilities in SMF forum software


Last Updated: 27 May 2016 11:05:08