CVE-2006-3798

DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) _GET, (2) _POST, (3) _ENV, and (4) _SERVER variables via the _COOKIE (aka COOKIE) variable, which can overwrite the other variables during an extract function call, probably leading to multiple security vulnerabilities, aka "pollution of the global namespace."

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047989.html
http://securityreason.com/securityalert/1254
http://www.securityfocus.com/archive/1/440435/100/0/threaded
http://www.securityfocus.com/bid/19052

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:deluxebb:deluxebb:1.05:::::::*
	cpe:2.3:a:deluxebb:deluxebb:1.06:::::::*
	cpe:2.3:a:deluxebb:deluxebb:1.07:::::::*

History

No history.

Information

Published : 2006-07-24 12:19

Updated : 2018-10-17 21:30

NVD link : CVE-2006-3798

Mitre link : CVE-2006-3798

CVE.ORG link : CVE-2006-3798

JSON object : View

Products Affected

deluxebb

deluxebb

CWE

NVD-CWE-Other

{"id": "CVE-2006-3798", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-07-24T12:19:00.000", "references": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047989.html", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/1254", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/440435/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/19052", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) _GET, (2) _POST, (3) _ENV, and (4) _SERVER variables via the _COOKIE (aka COOKIE) variable, which can overwrite the other variables during an extract function call, probably leading to multiple security vulnerabilities, aka \"pollution of the global namespace.\""}, {"lang": "es", "value": "DeluxeBB 1.07 y anteriores permite a atacantes remotos sobrescribir las variables (1) _GET, (2) _POST, (3) _ENV, y (4) _SERVER mediante la variable _COOKIE (tambi\u00e9n conocida como COOKIE), la cual puede sobrescribir las otras variables durante una llamada a la funci\u00f3n extract, probablemente llevando a m\u00faltiples vulnerabilidades de seguridad, tambi\u00e9n conocida como \"contaminaci\u00f3n del espacio de nombres global\"."}], "lastModified": "2018-10-17T21:30:14.170", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:deluxebb:deluxebb:1.05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A65D83C-FB89-46C8-8ABA-D9F66ACE8B88"}, {"criteria": "cpe:2.3:a:deluxebb:deluxebb:1.06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37F38906-2E8F-40E4-A03B-8121FDEF903C"}, {"criteria": "cpe:2.3:a:deluxebb:deluxebb:1.07:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC51CF33-9B6A-40BE-B5A6-3596C02C48B5"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}