Vulnerability Description
Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 does not properly enforce the privileges of user accounts, which allows local users to bypass intended access restrictions by (1) opening unspecified screens, related to the "double click selector bug"; or modifying a (2) animal, (3) owner, (4) lost/found, (5) diary note, (6) owner donation, or (7) waiting list record, related to "change permissions" and the "new UI."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Shelter Manager | Animal Shelter Manager | <= 2.2.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/30041Vendor Advisory
- http://sourceforge.net/project/shownotes.php?group_id=82533&release_id=596220
- http://www.securityfocus.com/bid/29022
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42139
- http://secunia.com/advisories/30041Vendor Advisory
- http://sourceforge.net/project/shownotes.php?group_id=82533&release_id=596220
- http://www.securityfocus.com/bid/29022
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42139
FAQ
What is CVE-2008-6109?
CVE-2008-6109 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Robin Rawson-Tetley Animal Shelter Manager (ASM) before 2.2.2 does not properly enforce the privileges of user accounts, which allows local users to bypass intended access restrictions by (1) opening ...
How severe is CVE-2008-6109?
CVE-2008-6109 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6109?
Check the references section above for vendor advisories and patch information. Affected products include: Shelter Manager Animal Shelter Manager.