CVE-2007-0652

EPSS 3.05%
Veröffentlicht 15.02.2007 23:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle PSIRT-CNA@flexerasoftware.com
CVE-Watchlists
Login
Unerledigt
Login

Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mailenable ≫ Mailenable Professional Version1.0.004

Mailenable ≫ Mailenable Professional Version1.0.005

Mailenable ≫ Mailenable Professional Version1.0.006

Mailenable ≫ Mailenable Professional Version1.0.007

Mailenable ≫ Mailenable Professional Version1.0.008

Mailenable ≫ Mailenable Professional Version1.0.009

Mailenable ≫ Mailenable Professional Version1.0.010

Mailenable ≫ Mailenable Professional Version1.0.011

Mailenable ≫ Mailenable Professional Version1.0.012

Mailenable ≫ Mailenable Professional Version1.0.013

Mailenable ≫ Mailenable Professional Version1.0.014

Mailenable ≫ Mailenable Professional Version1.0.015

Mailenable ≫ Mailenable Professional Version1.0.016

Mailenable ≫ Mailenable Professional Version1.0.017

Mailenable ≫ Mailenable Professional Version1.1

Mailenable ≫ Mailenable Professional Version1.2

Mailenable ≫ Mailenable Professional Version1.2a

Mailenable ≫ Mailenable Professional Version1.5

Mailenable ≫ Mailenable Professional Version1.6

Mailenable ≫ Mailenable Professional Version1.7

Mailenable ≫ Mailenable Professional Version1.12

Mailenable ≫ Mailenable Professional Version1.13

Mailenable ≫ Mailenable Professional Version1.14

Mailenable ≫ Mailenable Professional Version1.15

Mailenable ≫ Mailenable Professional Version1.16

Mailenable ≫ Mailenable Professional Version1.17

Mailenable ≫ Mailenable Professional Version1.18

Mailenable ≫ Mailenable Professional Version1.19

Mailenable ≫ Mailenable Professional Version1.51

Mailenable ≫ Mailenable Professional Version1.52

Mailenable ≫ Mailenable Professional Version1.53

Mailenable ≫ Mailenable Professional Version1.54

Mailenable ≫ Mailenable Professional Version1.72

Mailenable ≫ Mailenable Professional Version1.73

Mailenable ≫ Mailenable Professional Version1.82

Mailenable ≫ Mailenable Professional Version1.83

Mailenable ≫ Mailenable Professional Version1.84

Mailenable ≫ Mailenable Professional Version1.101

Mailenable ≫ Mailenable Professional Version1.102

Mailenable ≫ Mailenable Professional Version1.103

Mailenable ≫ Mailenable Professional Version1.104

Mailenable ≫ Mailenable Professional Version1.105

Mailenable ≫ Mailenable Professional Version1.106

Mailenable ≫ Mailenable Professional Version1.107

Mailenable ≫ Mailenable Professional Version1.108

Mailenable ≫ Mailenable Professional Version1.109

Mailenable ≫ Mailenable Professional Version1.110

Mailenable ≫ Mailenable Professional Version1.111

Mailenable ≫ Mailenable Professional Version1.112

Mailenable ≫ Mailenable Professional Version1.113

Mailenable ≫ Mailenable Professional Version1.114

Mailenable ≫ Mailenable Professional Version1.115

Mailenable ≫ Mailenable Professional Version1.116

Mailenable ≫ Mailenable Professional Version2.0

Mailenable ≫ Mailenable Professional Version2.1

Mailenable ≫ Mailenable Professional Version2.2

Mailenable ≫ Mailenable Professional Version2.32

Mailenable ≫ Mailenable Professional Version2.33

Mailenable ≫ Mailenable Professional Version2.34

Mailenable ≫ Mailenable Professional Version2.35

Mailenable ≫ Mailenable Professional Version2.351

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.05%	0.862

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://secunia.com/advisories/23998

Patch

Vendor Advisory

http://secunia.com/secunia_research/2007-38/advisory/

Patch

Vendor Advisory

http://securityreason.com/securityalert/2258

http://www.securityfocus.com/archive/1/460063/100/0/threaded

http://www.securityfocus.com/bid/22554

http://www.vupen.com/english/advisories/2007/0595

http://osvdb.org/33191

https://nvd.nist.gov/vuln/detail/CVE-2007-0652

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0652

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0652

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2007-0652