Simple Machines Forum (SMF) <= 2.0.5 multiple vulnerabilities

2013.08.15
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

According to http://simplemachines.org/community/?topic=509417#msg3592194 Simple Machines Forum <= 2.0.5 (but > 1.1.*) is vulnerable to one or more (currently undocumented) security issues. The changes between v2.0.4 and 2.0.5 can be reviewed at http://custom.simplemachines.org/upgrades/index.php?action=upgrade;file=smf_patch_2.0.5.tar.gz;smf_version=2.0.4 This is just a heads up, I haven't tried to look into those in detail. CVE folks: If you'll handle this, please also check the last ones: http://simplemachines.org/community/?topic=496403.0 http://osvdb.org/show/osvdb/92745 http://osvdb.org/show/osvdb/88909 Moritz -- Naumann IT Security Consulting Samariterstr. 16 10247 Berlin Germany

References:

http://simplemachines.org/community/?topic=496403.0
http://osvdb.org/show/osvdb/92745
http://osvdb.org/show/osvdb/88909
http://custom.simplemachines.org/upgrades/index.php?action=upgrade;file=smf_patch_2.0.5.tar.gz;smf_version=2.0.4
http://simplemachines.org/community/?topic=509417#msg3592194


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top