Vulnerability Description
The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Visualshapers | Ezcontents | <= 1.41 |
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0040.html
- http://online.securityfocus.com/archive/1/284229
- http://www.iss.net/security_center/static/9711.phpVendor Advisory
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0040.html
- http://online.securityfocus.com/archive/1/284229
- http://www.iss.net/security_center/static/9711.phpVendor Advisory
FAQ
What is CVE-2002-1084?
CVE-2002-1084 is a vulnerability with a CVSS score of 6.4 (MEDIUM). The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted informa...
How severe is CVE-2002-1084?
CVE-2002-1084 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1084?
Check the references section above for vendor advisories and patch information. Affected products include: Visualshapers Ezcontents.