Vulnerability Description
The default Access Control Lists (ACLs) of the administration database for ZMerge 4.x and 5.x provides arbitrary users (including anonymous users) with Manager level access, which allows the users to read or modify import/export scripts.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Granite Software | Zmerge | 4.0 |
References
- http://marc.info/?l=bugtraq&m=103134154721846&w=2
- http://www.iss.net/security_center/static/10057.phpVendor Advisory
- http://www.securityfocus.com/bid/5101
- http://marc.info/?l=bugtraq&m=103134154721846&w=2
- http://www.iss.net/security_center/static/10057.phpVendor Advisory
- http://www.securityfocus.com/bid/5101
FAQ
What is CVE-2002-0664?
CVE-2002-0664 is a vulnerability with a CVSS score of 7.5 (HIGH). The default Access Control Lists (ACLs) of the administration database for ZMerge 4.x and 5.x provides arbitrary users (including anonymous users) with Manager level access, which allows the users to ...
How severe is CVE-2002-0664?
CVE-2002-0664 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0664?
Check the references section above for vendor advisories and patch information. Affected products include: Granite Software Zmerge.