PT-2008-4499 · Php+1 · Php+1

Jessica Hope

Published

2008-07-08

Updated

2012-11-27

CVE-2008-3072

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Simple Machines Forum (SMF) versions 1.1.x before 1.1.5 Simple Machines Forum (SMF) versions 1.0.x before 1.0.13

Description: The issue is related to the improper seeding of the random number generator in Simple Machines Forum (SMF) when running in PHP before 4.2.0. This has an unknown impact and attack vectors.

Recommendations: For Simple Machines Forum (SMF) versions 1.1.x before 1.1.5, update to version 1.1.5 or later. For Simple Machines Forum (SMF) versions 1.0.x before 1.0.13, update to version 1.0.13 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

CVE-2008-3072

Affected Products

Php

Simple Machines Forum

PT-2008-4499 · Php+1 · Php+1

CVE-2008-3072

Weakness Enumeration

Related Identifiers

Affected Products

References · 3