Published: 18/07/2006 Updated: 08/03/2011

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in the communicate function in estmaster.c for Hyper Estraier prior to 1.3.3 allows remote malicious users to perform unauthorized actions as other users via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hyper estraier hyper estraier 1.0
hyper estraier hyper estraier 1.1.0
hyper estraier hyper estraier 1.1.1
hyper estraier hyper estraier 1.2.4
hyper estraier hyper estraier 1.2.5
hyper estraier hyper estraier
hyper estraier hyper estraier 1.0.1
hyper estraier hyper estraier 1.0.2
hyper estraier hyper estraier 1.1.2
hyper estraier hyper estraier 1.1.3
hyper estraier hyper estraier 1.2.6
hyper estraier hyper estraier 1.2.7
hyper estraier hyper estraier 1.0.5
hyper estraier hyper estraier 1.0.6
hyper estraier hyper estraier 1.2.1
hyper estraier hyper estraier 1.2.3
hyper estraier hyper estraier 1.3.0
hyper estraier hyper estraier 1.3.1
hyper estraier hyper estraier 1.0.3
hyper estraier hyper estraier 1.0.4
hyper estraier hyper estraier 1.1.4
hyper estraier hyper estraier 1.1.5
hyper estraier hyper estraier 1.1.6
hyper estraier hyper estraier 1.2.8
hyper estraier hyper estraier 1.2.9

Debian Bug report logs - #379060 hyperestraier: CVE-2006-3671: cross-site request forgery Package: hyperestraier; Maintainer for hyperestraier is KURASHIKI Satoru <lurdan@gmailcom>; Source for hyperestraier is src:hyperestraier (PTS, buildd, popcon) Reported by: Alec Berryman <alec@thenednet> Date: Thu, 20 Jul 2006 ...

NVD-CWE-Other http://sourceforge.net/project/shownotes.php?release_id=432119 http://secunia.com/advisories/21049 http://www.vupen.com/english/advisories/2006/2827 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=379060 https://nvd.nist.gov

CVE-2006-3671

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect