{ "id": "CVE-2007-0652", "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "published": "2007-02-15T23:28:00.000", "lastModified": "2018-10-16T16:33:43.327", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag." }, { "lang": "es", "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en MailEnable Professional versiones anteriores a 2.37 permite a atacantes remotos modificar configuraciones de su elecci\u00f3n y realizar acciones no autorizadas como usuarios de su elecci\u00f3n mediante una etiqueta link \u00f3 IMG.\r\n" } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "HIGH", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 5.1 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 4.9, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": true } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.004:*:*:*:*:*:*:*", "matchCriteriaId": "D078B497-4C3C-4246-87C5-58DC5EEED452" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.005:*:*:*:*:*:*:*", "matchCriteriaId": "97DD9EC9-1A27-4A96-95A1-086DEA1E3890" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.006:*:*:*:*:*:*:*", "matchCriteriaId": "193959CF-DAF3-4C62-8DB0-660115E1D41B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.007:*:*:*:*:*:*:*", "matchCriteriaId": "8A827A0E-BDF2-4BAB-9F52-0014FE6E4B70" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.008:*:*:*:*:*:*:*", "matchCriteriaId": "82CF54A9-CF50-4B23-8E3A-AFB08F7F98F9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.009:*:*:*:*:*:*:*", "matchCriteriaId": "51BA53BA-CDF5-42EC-8D2B-EC24FDF82931" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.010:*:*:*:*:*:*:*", "matchCriteriaId": "F6B1E90C-AA06-4A89-90B3-0E7140F9B8DC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.011:*:*:*:*:*:*:*", "matchCriteriaId": "060D809A-C603-4E06-9F57-3C76FEE6F86D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.012:*:*:*:*:*:*:*", "matchCriteriaId": "D53DE94B-0C32-4DDB-B13B-7B05208477AD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.013:*:*:*:*:*:*:*", "matchCriteriaId": "1A5EA901-CD07-464B-8EB0-8F845EDABAA6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.014:*:*:*:*:*:*:*", "matchCriteriaId": "92B2611A-D7CF-441A-BA60-F27CF28BEB3B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.015:*:*:*:*:*:*:*", "matchCriteriaId": "7139C2FC-4DA3-4193-B130-05524EB97C69" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.016:*:*:*:*:*:*:*", "matchCriteriaId": "C78B7FD6-2433-4EAA-8B3E-0507F81D54FC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.0.017:*:*:*:*:*:*:*", "matchCriteriaId": "1B8B058B-F517-46C4-AC05-8EC258E38A75" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AF16E400-930E-4845-BB23-ED1217505302" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "8CFAF9C8-DB67-446E-B63C-530CB0C170B4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.2a:*:*:*:*:*:*:*", "matchCriteriaId": "08F30383-D23F-4CA5-BC02-7716398BC042" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "7ADEF40C-4C56-4893-B757-15966ED5A925" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "FE40F5BA-6174-4959-BFD1-CCECAB138009" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "EA6DCAFE-CAC2-4B36-B3E1-FA2B490424EE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.12:*:*:*:*:*:*:*", "matchCriteriaId": "430C8E86-F7CA-4217-A3C1-71CBE5CAB825" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.13:*:*:*:*:*:*:*", "matchCriteriaId": "D35AD18C-CA58-4DFC-A60F-49B698607B33" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.14:*:*:*:*:*:*:*", "matchCriteriaId": "B219EBD1-B0E9-4599-B633-AA4C227E5854" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.15:*:*:*:*:*:*:*", "matchCriteriaId": "81249BA3-3D1D-4388-BE8D-28AB5CA3AFF0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.16:*:*:*:*:*:*:*", "matchCriteriaId": "771D029C-9F4A-41F9-8F86-F1B1BD38B329" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.17:*:*:*:*:*:*:*", "matchCriteriaId": "F32956E6-A13B-4663-BBC9-FEB08A1DCC3A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.18:*:*:*:*:*:*:*", "matchCriteriaId": "1AABE2F0-FEC1-4BDE-B1C0-92FF2CEA48E0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.19:*:*:*:*:*:*:*", "matchCriteriaId": "652F54CA-1CCA-4BC9-8728-A0F6FABF8817" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.51:*:*:*:*:*:*:*", "matchCriteriaId": "269BCB9D-9AEF-40E2-8291-50EC2A083775" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.52:*:*:*:*:*:*:*", "matchCriteriaId": "88435083-D7A8-4679-BEB1-4B6526454C3D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.53:*:*:*:*:*:*:*", "matchCriteriaId": "145A8B1A-573D-4695-B66A-FF8EA2556DC4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.54:*:*:*:*:*:*:*", "matchCriteriaId": "C9572349-9433-415F-B81B-10A1375AF33F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.72:*:*:*:*:*:*:*", "matchCriteriaId": "6F4AADE9-F3FB-4272-8026-58FC677D3F3F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*", "matchCriteriaId": "9DD53801-B8F7-4AE8-BA2B-AC6297340CB5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.82:*:*:*:*:*:*:*", "matchCriteriaId": "4F785125-F530-4674-B2B3-0D97E8397391" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.83:*:*:*:*:*:*:*", "matchCriteriaId": "5F59A308-7D1A-4C4F-A34C-27FDCF12E3C1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.84:*:*:*:*:*:*:*", "matchCriteriaId": "201B610A-DD27-48D2-A3EF-DFEBBDEA04BA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.101:*:*:*:*:*:*:*", "matchCriteriaId": "652E1512-B1B1-44B5-93CF-9C526B95BA38" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.102:*:*:*:*:*:*:*", "matchCriteriaId": "2835FBA2-79E4-4541-913C-21BAD3320D55" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.103:*:*:*:*:*:*:*", "matchCriteriaId": "CD9449E3-1CEA-40AF-BD00-94B56E38AF5C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.104:*:*:*:*:*:*:*", "matchCriteriaId": "39724984-2A10-441F-A103-2DFA693F4F19" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.105:*:*:*:*:*:*:*", "matchCriteriaId": "D01DB7FF-7171-43D2-96F3-E5C0AABA4877" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.106:*:*:*:*:*:*:*", "matchCriteriaId": "77B95FCC-55C7-4B44-B8C7-85792C7E91BB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.107:*:*:*:*:*:*:*", "matchCriteriaId": "16E07556-02E5-42FA-9338-3176EB2ED536" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.108:*:*:*:*:*:*:*", "matchCriteriaId": "539C5F71-83FC-455C-8180-72C9F1E2C4A9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.109:*:*:*:*:*:*:*", "matchCriteriaId": "C1C4D762-BF84-4734-B9AD-ED9F3FB85D0E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.110:*:*:*:*:*:*:*", "matchCriteriaId": "B6B410FC-650E-4E51-8634-D99113E8B1AF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.111:*:*:*:*:*:*:*", "matchCriteriaId": "45C6B358-93A6-4A9A-B284-9DFA9C981620" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.112:*:*:*:*:*:*:*", "matchCriteriaId": "2638B249-E955-48B3-A309-EF92737E015D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.113:*:*:*:*:*:*:*", "matchCriteriaId": "2F275DA6-7799-4B51-8F9C-DD23E8A3C5AB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.114:*:*:*:*:*:*:*", "matchCriteriaId": "4FB961BA-8FAB-4FC5-B582-AF758E7D0E7B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.115:*:*:*:*:*:*:*", "matchCriteriaId": "A400F721-435F-4EBA-8BC2-92E4769A35A8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.116:*:*:*:*:*:*:*", "matchCriteriaId": "61206A1A-FF1A-4A45-8952-509168BD8495" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A4FD7082-AC93-426F-9DA7-50CBFFDAC07A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EB0576FE-F0BC-4DA7-B007-7DA49F369700" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "B2826B3D-44E0-4D4B-A681-8C3DADF522F9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.32:*:*:*:*:*:*:*", "matchCriteriaId": "662AEDE4-698E-4C78-93B4-4B915749DF80" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.33:*:*:*:*:*:*:*", "matchCriteriaId": "87E5107B-BDC2-4972-A3A4-AA6782E46B0E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.34:*:*:*:*:*:*:*", "matchCriteriaId": "6739BEA4-C75F-476E-AF5D-449D8236E042" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.35:*:*:*:*:*:*:*", "matchCriteriaId": "7FD0D1C2-A067-4F86-9179-ED1C263BE5B8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mailenable:mailenable_professional:2.351:*:*:*:*:*:*:*", "matchCriteriaId": "6FBA085C-8A89-4625-9811-AF1B615F5939" } ] } ] } ], "references": [ { "url": "http://osvdb.org/33191", "source": "PSIRT-CNA@flexerasoftware.com" }, { "url": "http://secunia.com/advisories/23998", "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://secunia.com/secunia_research/2007-38/advisory/", "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://securityreason.com/securityalert/2258", "source": "PSIRT-CNA@flexerasoftware.com" }, { "url": "http://www.securityfocus.com/archive/1/460063/100/0/threaded", "source": "PSIRT-CNA@flexerasoftware.com" }, { "url": "http://www.securityfocus.com/bid/22554", "source": "PSIRT-CNA@flexerasoftware.com" }, { "url": "http://www.vupen.com/english/advisories/2007/0595", "source": "PSIRT-CNA@flexerasoftware.com" } ] }