SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2006-5909

generaloptions.php in Paul Tarjan Stanford Conference And Research Forum (SCARF) before 20070227 does not require the admin privilege, which allows remote attackers to reconfigure the application or its user accounts.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE

Reference:

http://www.securityfocus.com/archive/1/archive/1/450679/100/0/threaded

http://www.securityfocus.com/archive/1/archive/1/460196/100/0/threaded

BID-20934

SECUNIA-24311

ADV-2007-0760

http://sourceforge.net/project/shownotes.php?group_id=177652&release_id=489633

scarf-generaloptions-privilege-escalation(30037)

scarf-generaloptions-security-bypass(32700)


30430



423868



247974



909



194654



282