Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 11/09/2012 Updated: 12/09/2012

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple cross-site request forgery (CSRF) vulnerabilities in file/show.cgi in Webmin 1.590 and previous versions allow remote malicious users to hijack the authentication of privileged users for requests that (1) read files or execute (2) tar, (3) zip, or (4) gzip commands, a different issue than CVE-2012-2982.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gentoo webmin 1.500
gentoo webmin 1.480
gentoo webmin 1.470
gentoo webmin 1.450
gentoo webmin 1.290
gentoo webmin 1.280
gentoo webmin 1.270
gentoo webmin 1.260
gentoo webmin 1.560
gentoo webmin 1.520
gentoo webmin 1.430
gentoo webmin 1.410
gentoo webmin 1.320
gentoo webmin 1.300
gentoo webmin 1.240
gentoo webmin 1.220
gentoo webmin 1.140
gentoo webmin
gentoo webmin 1.580
gentoo webmin 1.570
gentoo webmin 1.550
gentoo webmin 1.390
gentoo webmin 1.380
gentoo webmin 1.370
gentoo webmin 1.340
gentoo webmin 1.200
gentoo webmin 1.180
gentoo webmin 1.170
gentoo webmin 1.160
gentoo webmin 1.150
gentoo webmin 1.530
gentoo webmin 1.510
gentoo webmin 1.440
gentoo webmin 1.420
gentoo webmin 1.400
gentoo webmin 1.330
gentoo webmin 1.310
gentoo webmin 1.230
gentoo webmin 1.210

CWE-352 http://americaninfosec.com/research/index.html http://www.americaninfosec.com/research/dossiers/AISG-12-001.pdf http://www.kb.cert.org/vuls/id/788478 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-4893

Vulnerability Summary

References

Vulmon Search

About

Products

Connect