[VIM] Vendor ACK: CVE-2007-2017 (AlstraSoft useredit.php auth bypass)
Steven M. Christey
coley at linus.mitre.org
Tue Jul 10 18:07:07 UTC 2007
---------- Forwarded message ----------
Date: Sat, 7 Jul 2007 14:51:07 +0800
From: AlstraSoft
Subject: Vulnerability Report (submitted through the National Vulnerability
Database)
Regarding: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2017
This security loophole has been fix in our current version which we have
added the admin login check for useredit.php and checking of the "id" in
msg.php - www.alstrasoft.com/videoshare_fix.zip
AlstraSoft Support Team
http://www.alstrasoft.com
More information about the VIM
mailing list