CVE-2008-3736

Properties

Published:
26.08.2008
Updated:
29.08.2008
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:M/Au:S/C:P/I:P/A:P)
Product:
spacetag: lacoodast

Vulnerability description

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to (a) change passwords or (b) change configurations as arbitrary users via unspecified vectors.

References:

http://jvn.jp/en/jp/JVN83428818/index.html: http://jvn.jp/en/jp/JVN83428818/index.html
http://wiz.syscon.co.jp/Details.htm: http://wiz.syscon.co.jp/Details.htm
BID: http://www.securityfocus.com/bid/30791
SECUNIA: http://secunia.com/advisories/31574
SECUNIA: http://secunia.com/advisories/31582
XF: http://xforce.iss.net/xforce/xfdb/44592