PT-2011-2891 · Simple Machines · Simple Machines Forum

Hanno Böck

Publicado

2011-06-21

Atualizado

2011-06-29

CVE-2011-1127

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Simple Machines Forum (SMF) versions 1.1.x through 1.1.12 Simple Machines Forum (SMF) versions 2.x through 2.0 RC4

Description The issue is related to the SSI.php file in Simple Machines Forum (SMF), which does not properly restrict guest access. This allows remote attackers to have an unspecified impact via unknown vectors.

Recommendations For Simple Machines Forum (SMF) versions 1.1.x through 1.1.12, update to version 1.1.13 or later. For Simple Machines Forum (SMF) versions 2.x through 2.0 RC4, update to version 2.0 RC5 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2011-1127

Produtos afetados

Simple Machines Forum

PT-2011-2891 · Simple Machines · Simple Machines Forum

CVE-2011-1127

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6