Lucene search

[email protected]CVE-2004-1982

HistoryMay 10, 2005 - 4:00 a.m.

CVE-2004-1982

2005-05-1004:00:00

[email protected]

web.nvd.nist.gov

yabb

post.pl

remote code modification

vulnerability

cve-2004-1982

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

86.1%

JSON

Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify records in the board’s .txt file via carriage return characters in the subject field.

Affected configurations

NVD

Node

yabbyabbMatch1_gold_-_sp_1

yabbyabbMatch1_gold_-_sp_1.2

CPENameOperatorVersion
yabb:yabbyabbeq1_gold_-_sp_1
yabb:yabbyabbeq1_gold_-_sp_1.2

CPE	Name	Operator	Version
yabb:yabb	yabb	eq	1_gold_-_sp_1
yabb:yabb	yabb	eq	1_gold_-_sp_1.2

References

marc.info/?l=bugtraq&m=108360430703935&w=2

secunia.com/advisories/12609

www.securityfocus.com/bid/10263

www.yabbforum.com/community/YaBB.pl?board=general%3Baction=display%3Bnum=1093133233

exchange.xforce.ibmcloud.com/vulnerabilities/16050

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

86.1%

JSON

Related for CVE-2004-1982

nvd1 cvelist1