WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote malicious users to perform actions as other users by guessing or sniffing the random value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alt-n mdaemon 8.1.3 |
||
alt-n worldclient 8.1.3 |