Lucene search

MitreCVE-2007-4188

HistoryAug 08, 2007 - 1:17 a.m.

CVE-2007-4188

2007-08-0801:17:00

CWE-384

mitre

web.nvd.nist.gov

cve-2007-4188

session fixation

joomla

security vulnerability

administrative web sessions

sunglow

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.01

Percentile

83.8%

JSON

Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to hijack administrative web sessions via unspecified vectors.

Affected configurations

Nvd

Node

joomlajoomla\!Range<1.0.13

VendorProductVersionCPE
joomlajoomla\!*cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
joomla	joomla\!	*	cpe:2.3:a:joomla:joomla\!::::::::

References

secunia.com/advisories/26239

www.joomla.org/content/view/3677/1/

www.securityfocus.com/archive/1/476017/100/0/threaded

www.vupen.com/english/advisories/2007/2719

exchange.xforce.ibmcloud.com/vulnerabilities/35953

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.01

Percentile

83.8%

JSON

Related for CVE-2007-4188