ID CVE-2007-1179
Summary WebAPP before 0.9.9.5 does not properly manage e-mail addresses in certain contexts related to (1) the Recommend feature, Email Article (2) senders and (3) recipients, (4) New User Approval, (5) Edit Profiles, (6) the Newsletter Subscription form, (7) the Recommend form, and (8) sending of articles, which has unknown impact, and remote attack vectors related to spam attacks and possibly other attacks.
References
Vulnerable Configurations
  • cpe:2.3:a:web-app.org:webapp:*:*:*:*:*:*:*:*
    cpe:2.3:a:web-app.org:webapp:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 08-03-2011 - 02:51)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 22563
confirm http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250
osvdb 33284
secunia 24080
vupen ADV-2007-0604
Last major update 08-03-2011 - 02:51
Published 02-03-2007 - 21:18
Last modified 08-03-2011 - 02:51
Back to Top