CVE

Id
26503  
CVE No.
CVE-2007-3146  
Status
Candidate  
Description
Zen Help Desk 2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing a password via a direct request for ZenHelpDesk.mdb.  
Phase
Assigned (20070611)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
268993 26503 CVE-2007-3146 BUGTRAQ:20070607 Zen Help Desk ==> Version 2.1 Bypass/  View
268994 26503 CVE-2007-3146 URL:http://www.securityfocus.com/archive/1/archive/1/470803/100/0/threaded  View
268995 26503 CVE-2007-3146 OSVDB:39231  View
268996 26503 CVE-2007-3146 URL:http://osvdb.org/39231  View
268997 26503 CVE-2007-3146 SREASON:2788  View
268998 26503 CVE-2007-3146 URL:http://securityreason.com/securityalert/2788  View
268999 26503 CVE-2007-3146 XF:zen-zenhelpdesk-information-disclosure(34770)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
51807 JVNDB-2007-000470 Yahoo! Messenger の Yahoo! Webcam view utilities ActiveX コントロールにバッファオーバーフローの脆弱性 Yahoo! Messenger に含まれる Yahoo! Webcam view utilities ActiveX コントロールには、バッファオーバーフローの脆弱性が存在します。 CVE-2007-3148 26503 9.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000470.html  View