CVE-2007-6319

high

Description

Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts."

References

http://www.vupen.com/english/advisories/2008/0618

http://www.securityfocus.com/bid/26792

http://www.securityfocus.com/archive/1/488343/100/0/threaded

http://securitytracker.com/id?1019436

http://securityreason.com/securityalert/3671

http://secunia.com/advisories/29019

Details

Source: Mitre, NVD

Published: 2008-02-19

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 7.2

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Severity: High