6.4
CVE-2007-4609
- EPSS 1.38%
- Veröffentlicht 31.08.2007 00:17:00
- Zuletzt bearbeitet 16.06.2026 22:44:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LogineyeOS uses predictable checksum values in the checknum parameter for access control, which allows remote attackers to register many accounts via doCreateUser actions, add many eyeBoard messages via addMsg actions, and cause a denial of service or conduct certain unauthorized activities, by guessing valid parameter values.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.38% | 0.686 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:P
|
http://osvdb.org/45836
http://securityreason.com/securityalert/3081
http://www.securityfocus.com/archive/1/477866/100/0/threaded