Vulnerability Details CVE-2007-3308
Simple Machines Forum (SMF) 1.1.2 uses a concatenation method with insufficient randomization when creating a WAV file CAPTCHA, which allows remote attackers to pass the CAPTCHA test via an automated brute-force attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/40617
- http://securitytracker.com/id?1018260
- http://securityvulns.ru/Rdocument271.html
- http://www.securityfocus.com/archive/1/471641/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34907
- http://osvdb.org/40617
- http://securitytracker.com/id?1018260
- http://securityvulns.ru/Rdocument271.html
- http://www.securityfocus.com/archive/1/471641/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34907
Products affected by CVE-2007-3308
-
cpe:2.3:a:simple_machines:simple_machines_forum:1.1.2