2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2007-0652" ,
"sourceIdentifier" : "PSIRT-CNA@flexerasoftware.com" ,
"published" : "2007-02-15T23:28:00.000" ,
"lastModified" : "2018-10-16T16:33:43.327" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag."
} ,
{
"lang" : "es" ,
"value" : "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en MailEnable Professional versiones anteriores a 2.37 permite a atacantes remotos modificar configuraciones de su elecci\u00f3n y realizar acciones no autorizadas como usuarios de su elecci\u00f3n mediante una etiqueta link \u00f3 IMG.\r\n"
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:H/Au:N/C:P/I:P/A:P" ,
"accessVector" : "NETWORK" ,
"accessComplexity" : "HIGH" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
"availabilityImpact" : "PARTIAL" ,
"baseScore" : 5.1
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 4.9 ,
"impactScore" : 6.4 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : true ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-Other"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.004:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D078B497-4C3C-4246-87C5-58DC5EEED452"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.005:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "97DD9EC9-1A27-4A96-95A1-086DEA1E3890"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.006:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "193959CF-DAF3-4C62-8DB0-660115E1D41B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.007:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8A827A0E-BDF2-4BAB-9F52-0014FE6E4B70"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.008:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "82CF54A9-CF50-4B23-8E3A-AFB08F7F98F9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.009:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "51BA53BA-CDF5-42EC-8D2B-EC24FDF82931"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.010:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F6B1E90C-AA06-4A89-90B3-0E7140F9B8DC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.011:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "060D809A-C603-4E06-9F57-3C76FEE6F86D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.012:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D53DE94B-0C32-4DDB-B13B-7B05208477AD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.013:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1A5EA901-CD07-464B-8EB0-8F845EDABAA6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.014:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "92B2611A-D7CF-441A-BA60-F27CF28BEB3B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.015:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7139C2FC-4DA3-4193-B130-05524EB97C69"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.016:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C78B7FD6-2433-4EAA-8B3E-0507F81D54FC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.0.017:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1B8B058B-F517-46C4-AC05-8EC258E38A75"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AF16E400-930E-4845-BB23-ED1217505302"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8CFAF9C8-DB67-446E-B63C-530CB0C170B4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.2a:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "08F30383-D23F-4CA5-BC02-7716398BC042"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7ADEF40C-4C56-4893-B757-15966ED5A925"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FE40F5BA-6174-4959-BFD1-CCECAB138009"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EA6DCAFE-CAC2-4B36-B3E1-FA2B490424EE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.12:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "430C8E86-F7CA-4217-A3C1-71CBE5CAB825"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.13:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D35AD18C-CA58-4DFC-A60F-49B698607B33"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.14:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B219EBD1-B0E9-4599-B633-AA4C227E5854"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.15:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "81249BA3-3D1D-4388-BE8D-28AB5CA3AFF0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.16:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "771D029C-9F4A-41F9-8F86-F1B1BD38B329"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.17:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F32956E6-A13B-4663-BBC9-FEB08A1DCC3A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.18:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1AABE2F0-FEC1-4BDE-B1C0-92FF2CEA48E0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.19:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "652F54CA-1CCA-4BC9-8728-A0F6FABF8817"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.51:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "269BCB9D-9AEF-40E2-8291-50EC2A083775"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.52:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "88435083-D7A8-4679-BEB1-4B6526454C3D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.53:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "145A8B1A-573D-4695-B66A-FF8EA2556DC4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.54:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C9572349-9433-415F-B81B-10A1375AF33F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.72:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6F4AADE9-F3FB-4272-8026-58FC677D3F3F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9DD53801-B8F7-4AE8-BA2B-AC6297340CB5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.82:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4F785125-F530-4674-B2B3-0D97E8397391"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.83:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5F59A308-7D1A-4C4F-A34C-27FDCF12E3C1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "201B610A-DD27-48D2-A3EF-DFEBBDEA04BA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.101:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "652E1512-B1B1-44B5-93CF-9C526B95BA38"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.102:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2835FBA2-79E4-4541-913C-21BAD3320D55"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.103:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CD9449E3-1CEA-40AF-BD00-94B56E38AF5C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.104:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "39724984-2A10-441F-A103-2DFA693F4F19"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.105:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D01DB7FF-7171-43D2-96F3-E5C0AABA4877"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.106:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "77B95FCC-55C7-4B44-B8C7-85792C7E91BB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.107:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "16E07556-02E5-42FA-9338-3176EB2ED536"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.108:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "539C5F71-83FC-455C-8180-72C9F1E2C4A9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.109:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C1C4D762-BF84-4734-B9AD-ED9F3FB85D0E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.110:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B6B410FC-650E-4E51-8634-D99113E8B1AF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.111:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "45C6B358-93A6-4A9A-B284-9DFA9C981620"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.112:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2638B249-E955-48B3-A309-EF92737E015D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.113:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2F275DA6-7799-4B51-8F9C-DD23E8A3C5AB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.114:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4FB961BA-8FAB-4FC5-B582-AF758E7D0E7B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.115:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A400F721-435F-4EBA-8BC2-92E4769A35A8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:1.116:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "61206A1A-FF1A-4A45-8952-509168BD8495"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:2.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A4FD7082-AC93-426F-9DA7-50CBFFDAC07A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:2.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EB0576FE-F0BC-4DA7-B007-7DA49F369700"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:2.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B2826B3D-44E0-4D4B-A681-8C3DADF522F9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:2.32:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "662AEDE4-698E-4C78-93B4-4B915749DF80"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:2.33:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "87E5107B-BDC2-4972-A3A4-AA6782E46B0E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:2.34:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6739BEA4-C75F-476E-AF5D-449D8236E042"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:2.35:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7FD0D1C2-A067-4F86-9179-ED1C263BE5B8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:mailenable:mailenable_professional:2.351:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6FBA085C-8A89-4625-9811-AF1B615F5939"
}
]
}
]
}
] ,
"references" : [
2024-04-04 08:46:00 +00:00
{
"url" : "http://osvdb.org/33191" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://secunia.com/advisories/23998" ,
"source" : "PSIRT-CNA@flexerasoftware.com" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/secunia_research/2007-38/advisory/" ,
"source" : "PSIRT-CNA@flexerasoftware.com" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://securityreason.com/securityalert/2258" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/460063/100/0/threaded" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.securityfocus.com/bid/22554" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2007/0595" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
}
]
}
