CVE

Id
35047  
CVE No.
CVE-2008-4930  
Status
Candidate  
Description
MyBB (aka MyBulletinBoard) 1.4.2 does not properly handle an uploaded file with a nonstandard file type that contains HTML sequences, which allows remote attackers to cause that file to be processed as HTML by Internet Explorer"s content inspection, aka "Incomplete protection against MIME-sniffing." NOTE: this could be leveraged for XSS and other attacks.  
Phase
Assigned (20081104)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
383505 35047 CVE-2008-4930 BUGTRAQ:20081027 MyBB 1.4.2: Multiple Vulnerabilties  View
383506 35047 CVE-2008-4930 URL:http://archives.neohapsis.com/archives/bugtraq/2008-10/0203.html  View
383507 35047 CVE-2008-4930 FULLDISC:20081027 MyBB 1.4.2: Multiple Vulnerabilties  View
383508 35047 CVE-2008-4930 URL:http://archives.neohapsis.com/archives/fulldisclosure/2008-10/0472.html  View
383509 35047 CVE-2008-4930 MLIST:[oss-security] 20081101 CVE request (Fwd: MyBB 1.4.2: Multiple Vulnerabilties)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
46963 JVNDB-2008-002273 Linux Kernel の hfsplus_block_allocate 関数におけるサービス運用妨害 (DoS) の脆弱性 Linux Kernel の fs/hfsplus/catalog.c における hfsplus_block_allocate 関数には、read_mapping_page 関数からの戻り値をチェックしないため、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。 CVE-2008-4934 35047 7.8 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002273.html  View