Vulnerability-Lookup

CVE-2007-6319 (GCVE-0-2007-6319)

Vulnerability from cvelistv5 – Published: 2008-02-19 22:00 – Updated: 2024-08-07 16:02

Summary

Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts."

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://securityreason.com/securityalert/3671	third-party-advisoryx_refsource_SREASON
	http://securitytracker.com/id?1019436	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/29019	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/488343/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2008/0618	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/26792	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:02:36.559Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "3671",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3671"
          },
          {
            "name": "1019436",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019436"
          },
          {
            "name": "29019",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29019"
          },
          {
            "name": "20080218 SYMSA-2008-001: Lyris ListManager - Multiple Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/488343/100/0/threaded"
          },
          {
            "name": "ADV-2008-0618",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0618"
          },
          {
            "name": "26792",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26792"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \"new accounts that collide with existing accounts.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "3671",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3671"
        },
        {
          "name": "1019436",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019436"
        },
        {
          "name": "29019",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29019"
        },
        {
          "name": "20080218 SYMSA-2008-001: Lyris ListManager - Multiple Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/488343/100/0/threaded"
        },
        {
          "name": "ADV-2008-0618",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0618"
        },
        {
          "name": "26792",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26792"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6319",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \"new accounts that collide with existing accounts.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "3671",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3671"
            },
            {
              "name": "1019436",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019436"
            },
            {
              "name": "29019",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29019"
            },
            {
              "name": "20080218 SYMSA-2008-001: Lyris ListManager - Multiple Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/488343/100/0/threaded"
            },
            {
              "name": "ADV-2008-0618",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0618"
            },
            {
              "name": "26792",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26792"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6319",
    "datePublished": "2008-02-19T22:00:00",
    "dateReserved": "2007-12-11T00:00:00",
    "dateUpdated": "2024-08-07T16:02:36.559Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lyris:list_manager:8.95:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73133FFC-F2D6-44FB-A0EB-B8032BE1E45D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lyris:list_manager:8.95a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0A40E4E-E122-49F9-9BBE-D3D147E219AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lyris:list_manager:8.95b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B50A3C7E-7BD3-4811-A48B-C1DE1FA2290D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lyris:list_manager:8.95c:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1723FC6E-0A53-444A-8FB1-DAB0F8C0F95F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lyris:list_manager:9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"666997DC-6DFC-4E69-B756-73AC512744EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lyris:list_manager:9.2a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDD4E440-95BB-4B79-A6C1-D5B7E2D9E2D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lyris:list_manager:9.2b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD10C9A9-7F4E-4177-BD91-297EBCF70A30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lyris:list_manager:9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03038BF0-4B6D-4E54-8D94-70CF0AC9CCE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:lyris:list_manager:9.3a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A484B37E-8DB3-405B-863A-A3D4ECE1AEF2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \\\"new accounts that collide with existing accounts.\\\"\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades no especificadas en Lyris ListManager 8.x versiones posteriores a la 8.95d, 9.2  versiones posteriores a la 9.2c y 9.3 versiones posteriores a la 9.3b, permiten a atacantes remotos (1) conseguir privilegios de administrador o (2) acceder a listas de correo de su elecci\\u00f3n a trav\\u00e9s de vectores no conocidos relacionados con la modificaci\\u00f3n de la informaci\\u00f3n de la parte cliente y (3) permitir a administradores remotos autenticados modificar datos de otra cuenta creando \\u201cnuevas cuentas que colisionan con otras ya existentes\\u201d\"}]",
      "id": "CVE-2007-6319",
      "lastModified": "2024-11-21T00:39:51.750",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-02-19T22:44:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/29019\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securityreason.com/securityalert/3671\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1019436\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/488343/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/26792\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0618\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/29019\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securityreason.com/securityalert/3671\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1019436\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/488343/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/26792\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0618\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}, {\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-6319\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-02-19T22:44:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \\\"new accounts that collide with existing accounts.\\\"\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades no especificadas en Lyris ListManager 8.x versiones posteriores a la 8.95d, 9.2  versiones posteriores a la 9.2c y 9.3 versiones posteriores a la 9.3b, permiten a atacantes remotos (1) conseguir privilegios de administrador o (2) acceder a listas de correo de su elecci\u00f3n a trav\u00e9s de vectores no conocidos relacionados con la modificaci\u00f3n de la informaci\u00f3n de la parte cliente y (3) permitir a administradores remotos autenticados modificar datos de otra cuenta creando \u201cnuevas cuentas que colisionan con otras ya existentes\u201d\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"},{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lyris:list_manager:8.95:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73133FFC-F2D6-44FB-A0EB-B8032BE1E45D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lyris:list_manager:8.95a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0A40E4E-E122-49F9-9BBE-D3D147E219AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lyris:list_manager:8.95b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B50A3C7E-7BD3-4811-A48B-C1DE1FA2290D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lyris:list_manager:8.95c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1723FC6E-0A53-444A-8FB1-DAB0F8C0F95F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lyris:list_manager:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"666997DC-6DFC-4E69-B756-73AC512744EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lyris:list_manager:9.2a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDD4E440-95BB-4B79-A6C1-D5B7E2D9E2D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lyris:list_manager:9.2b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD10C9A9-7F4E-4177-BD91-297EBCF70A30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lyris:list_manager:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03038BF0-4B6D-4E54-8D94-70CF0AC9CCE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lyris:list_manager:9.3a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A484B37E-8DB3-405B-863A-A3D4ECE1AEF2\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/29019\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/3671\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1019436\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/488343/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/26792\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0618\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/29019\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/3671\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1019436\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/488343/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26792\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0618\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2007-6319

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-6319

Aliases

CVE-2007-6319

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-6319",
    "description": "Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \"new accounts that collide with existing accounts.\"",
    "id": "GSD-2007-6319"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-6319"
      ],
      "details": "Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \"new accounts that collide with existing accounts.\"",
      "id": "GSD-2007-6319",
      "modified": "2023-12-13T01:21:39.114060Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-6319",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \"new accounts that collide with existing accounts.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "3671",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/3671"
          },
          {
            "name": "1019436",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1019436"
          },
          {
            "name": "29019",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29019"
          },
          {
            "name": "20080218 SYMSA-2008-001: Lyris ListManager - Multiple Vulnerabilities",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/488343/100/0/threaded"
          },
          {
            "name": "ADV-2008-0618",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0618"
          },
          {
            "name": "26792",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/26792"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:lyris:list_manager:8.95b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lyris:list_manager:8.95c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lyris:list_manager:8.95:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lyris:list_manager:8.95a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lyris:list_manager:9.3a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lyris:list_manager:9.2b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lyris:list_manager:9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lyris:list_manager:9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lyris:list_manager:9.2a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6319"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \"new accounts that collide with existing accounts.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                },
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "26792",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/26792"
            },
            {
              "name": "1019436",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1019436"
            },
            {
              "name": "29019",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29019"
            },
            {
              "name": "3671",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/3671"
            },
            {
              "name": "ADV-2008-0618",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0618"
            },
            {
              "name": "20080218 SYMSA-2008-001: Lyris ListManager - Multiple Vulnerabilities",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/488343/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-15T21:52Z",
      "publishedDate": "2008-02-19T22:44Z"
    }
  }
}

GHSA-743H-JV99-PXJH

Vulnerability from github – Published: 2022-05-01 18:41 – Updated: 2022-05-01 18:41

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-6319"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-02-19T22:44:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \"new accounts that collide with existing accounts.\"",
  "id": "GHSA-743h-jv99-pxjh",
  "modified": "2022-05-01T18:41:39Z",
  "published": "2022-05-01T18:41:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-6319"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29019"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/3671"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1019436"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/488343/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/26792"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0618"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2007-6319

Vulnerability from fkie_nvd - Published: 2008-02-19 22:44 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/29019
cve@mitre.org	http://securityreason.com/securityalert/3671
cve@mitre.org	http://securitytracker.com/id?1019436
cve@mitre.org	http://www.securityfocus.com/archive/1/488343/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/26792	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0618
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29019
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3671
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019436
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/488343/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26792	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0618

Impacted products

Vendor	Product	Version
lyris	list_manager	8.95
lyris	list_manager	8.95a
lyris	list_manager	8.95b
lyris	list_manager	8.95c
lyris	list_manager	9.2
lyris	list_manager	9.2a
lyris	list_manager	9.2b
lyris	list_manager	9.3
lyris	list_manager	9.3a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:lyris:list_manager:8.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "73133FFC-F2D6-44FB-A0EB-B8032BE1E45D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lyris:list_manager:8.95a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0A40E4E-E122-49F9-9BBE-D3D147E219AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lyris:list_manager:8.95b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50A3C7E-7BD3-4811-A48B-C1DE1FA2290D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lyris:list_manager:8.95c:*:*:*:*:*:*:*",
              "matchCriteriaId": "1723FC6E-0A53-444A-8FB1-DAB0F8C0F95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lyris:list_manager:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "666997DC-6DFC-4E69-B756-73AC512744EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lyris:list_manager:9.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDD4E440-95BB-4B79-A6C1-D5B7E2D9E2D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lyris:list_manager:9.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD10C9A9-7F4E-4177-BD91-297EBCF70A30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lyris:list_manager:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "03038BF0-4B6D-4E54-8D94-70CF0AC9CCE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:lyris:list_manager:9.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "A484B37E-8DB3-405B-863A-A3D4ECE1AEF2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating \"new accounts that collide with existing accounts.\""
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades no especificadas en Lyris ListManager 8.x versiones posteriores a la 8.95d, 9.2  versiones posteriores a la 9.2c y 9.3 versiones posteriores a la 9.3b, permiten a atacantes remotos (1) conseguir privilegios de administrador o (2) acceder a listas de correo de su elecci\u00f3n a trav\u00e9s de vectores no conocidos relacionados con la modificaci\u00f3n de la informaci\u00f3n de la parte cliente y (3) permitir a administradores remotos autenticados modificar datos de otra cuenta creando \u201cnuevas cuentas que colisionan con otras ya existentes\u201d"
    }
  ],
  "id": "CVE-2007-6319",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-02-19T22:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/29019"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3671"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019436"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/488343/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26792"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3671"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/488343/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26792"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0618"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-6319 (GCVE-0-2007-6319)

GSD-2007-6319

GHSA-743H-JV99-PXJH

FKIE_CVE-2007-6319

Tags

Sightings

Nomenclature