Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9388

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-9388
Last Modified 10 Jan 2015 09:59:23
Published 17 Dec 2014 02:59:08
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-9388

Summary

bug_report.php in MantisBT before 1.2.18 allows remote attackers to assign arbitrary issues via the handler_id parameter.

Vulnerable Systems

Application

  • Mantisbt 1.2.17


References

CONFIRM - https://www.mantisbt.org/bugs/view.php?id=17878

CONFIRM - https://www.mantisbt.org/bugs/changelog_page.php?version_id=191

MLIST - [oss-security] 20141207 MantisBT 1.2.18 Released

DEBIAN - DSA-3120


Last Updated: 27 May 2016 11:07:29