1. CVE-Search
  2. CVE-2007-1134
ID CVE-2007-1134
Summary Unspecified vulnerability in Watchtower (WT) before 0.12 has unknown impact and attack vectors, related to "unauthorized accounts." Watchtower is prone to an unspecified authentication-bypass vulnerability. An attacker can exploit this issue to gain unauthorized access to the application. Versions prior to 0.12 are vulnerable. http://www.securityfocus.com/bid/22721/info The vendor has released version 0.12 to address this issue. Download: http://downloads.sourceforge.net/wtelements/wt0.12.tar.gz?modtime=1171 460836&big_mirror=0
References
Vulnerable Configurations
  • cpe:2.3:a:watchtower:watchtower:0.1:alpha:*:*:*:*:*:*
    cpe:2.3:a:watchtower:watchtower:0.1:alpha:*:*:*:*:*:*
  • cpe:2.3:a:watchtower:watchtower:*:*:*:*:*:*:*:*
    cpe:2.3:a:watchtower:watchtower:*:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 08-03-2011 - 02:51)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 22721
confirm http://sourceforge.net/project/shownotes.php?release_id=486435&group_id=188798
osvdb 41106
vupen ADV-2007-0743
Last major update 08-03-2011 - 02:51
Published 02-03-2007 - 21:18
Last modified 08-03-2011 - 02:51
Back to Top