CVE Vulnerability

CVE-2007-6319

Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts."

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.securityfocus.com/bid/26792 Patch
http://securitytracker.com/id?1019436
http://secunia.com/advisories/29019
http://securityreason.com/securityalert/3671
http://www.vupen.com/english/advisories/2008/0618
http://www.securityfocus.com/archive/1/488343/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:lyris:list_manager:8.95a:*:*:*:*:*:*:*
cpe:2.3:a:lyris:list_manager:9.2b:*:*:*:*:*:*:*
cpe:2.3:a:lyris:list_manager:8.95:*:*:*:*:*:*:*
cpe:2.3:a:lyris:list_manager:8.95c:*:*:*:*:*:*:*
cpe:2.3:a:lyris:list_manager:9.3a:*:*:*:*:*:*:*
cpe:2.3:a:lyris:list_manager:9.2:*:*:*:*:*:*:*
cpe:2.3:a:lyris:list_manager:9.2a:*:*:*:*:*:*:*
cpe:2.3:a:lyris:list_manager:9.3:*:*:*:*:*:*:*
cpe:2.3:a:lyris:list_manager:8.95b:*:*:*:*:*:*:*
Information

Published : 2008-02-19 10:44

Updated : 2018-10-15 09:52

NVD link : CVE-2007-6319

Mitre link : CVE-2007-6319

Products Affected
No products.
CWE
CWE-264

NVD-CWE-noinfo