Vulnerability Details CVE-2007-6319
Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.5%
CVSS Severity
CVSS v2 Score 10.0
References
- http://secunia.com/advisories/29019
- http://securityreason.com/securityalert/3671
- http://securitytracker.com/id?1019436
- http://www.securityfocus.com/archive/1/488343/100/0/threaded
- http://www.securityfocus.com/bid/26792
- http://www.vupen.com/english/advisories/2008/0618
- http://secunia.com/advisories/29019
- http://securityreason.com/securityalert/3671
- http://securitytracker.com/id?1019436
- http://www.securityfocus.com/archive/1/488343/100/0/threaded
- http://www.securityfocus.com/bid/26792
- http://www.vupen.com/english/advisories/2008/0618
Products affected by CVE-2007-6319
-
cpe:2.3:a:lyris:list_manager:8.95
-
cpe:2.3:a:lyris:list_manager:8.95a
-
cpe:2.3:a:lyris:list_manager:8.95b
-
cpe:2.3:a:lyris:list_manager:8.95c
-
cpe:2.3:a:lyris:list_manager:9.2
-
cpe:2.3:a:lyris:list_manager:9.2a
-
cpe:2.3:a:lyris:list_manager:9.2b
-
cpe:2.3:a:lyris:list_manager:9.3
-
cpe:2.3:a:lyris:list_manager:9.3a