CVE-2007-6319

Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts."

Published: Feb 19, 2008
Updated: Apr 13, 2023
CVE: CVE-2007-6319
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
lyris / list_manager	8.95a	8.95a.x
lyris / list_manager	9.2b	9.2b.x
lyris / list_manager	8.95	8.95.x
lyris / list_manager	8.95c	8.95c.x
lyris / list_manager	9.3a	9.3a.x
lyris / list_manager	9.2	9.2.x
lyris / list_manager	9.2a	9.2a.x
lyris / list_manager	9.3	9.3.x
lyris / list_manager	8.95b	8.95b.x

http://secunia.com/advisories/29019
http://securityreason.com/securityalert/3671
http://securitytracker.com/id?1019436
http://www.securityfocus.com/archive/1/488343/100/0/threaded
http://www.securityfocus.com/bid/26792
http://www.vupen.com/english/advisories/2008/0618

Vulnerability Database

CVE-2007-6319

Deep Security Visibility Without the Complexity