ByteOS Network

CVE Vulnerability Details :

CVE-2007-1343

PUBLISHED

More Info Official Page

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-08 Mar, 2007 | 00:00

Updated At-07 Aug, 2024 | 12:50

▼CVE Numbering Authority (CNA)

includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does not protect the noSet variable from external modification, which allows remote attackers to set arbitrary global variables via a URL with modified values in the noSet parameter, which leads to resultant vulnerabilities that probably include remote file inclusion and other issues.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://www.vupen.com/english/advisories/2007/0851	vdb-entry x_refsource_VUPEN
http://webcalendar.cvs.sourceforge.net/webcalendar/webcalendar/includes/functions.php?view=log	x_refsource_CONFIRM
http://sourceforge.net/project/shownotes.php?group_id=3870&release_id=491130	x_refsource_CONFIRM
http://secunia.com/advisories/24519	third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/bid/22834	vdb-entry x_refsource_BID
http://www.debian.org/security/2007/dsa-1267	vendor-advisory x_refsource_DEBIAN
http://webcalendar.cvs.sourceforge.net/webcalendar/webcalendar/includes/functions.php?r1=1.211.2.7&r2=1.211.2.8	x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/32832	vdb-entry x_refsource_XF
http://secunia.com/advisories/24403	third-party-advisory x_refsource_SECUNIA
http://sourceforge.net/mailarchive/forum.php?thread_id=31840112&forum_id=46247	mailing-list x_refsource_MLIST

Hyperlink: http://www.vupen.com/english/advisories/2007/0851

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://webcalendar.cvs.sourceforge.net/webcalendar/webcalendar/includes/functions.php?view=log

Resource:

x_refsource_CONFIRM

Hyperlink: http://sourceforge.net/project/shownotes.php?group_id=3870&release_id=491130

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/24519

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.securityfocus.com/bid/22834

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://www.debian.org/security/2007/dsa-1267

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://webcalendar.cvs.sourceforge.net/webcalendar/webcalendar/includes/functions.php?r1=1.211.2.7&r2=1.211.2.8

Resource:

x_refsource_CONFIRM

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/32832

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://secunia.com/advisories/24403

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://sourceforge.net/mailarchive/forum.php?thread_id=31840112&forum_id=46247

Resource:

mailing-list

x_refsource_MLIST

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://www.vupen.com/english/advisories/2007/0851	vdb-entry x_refsource_VUPEN x_transferred
http://webcalendar.cvs.sourceforge.net/webcalendar/webcalendar/includes/functions.php?view=log	x_refsource_CONFIRM x_transferred
http://sourceforge.net/project/shownotes.php?group_id=3870&release_id=491130	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/24519	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.securityfocus.com/bid/22834	vdb-entry x_refsource_BID x_transferred
http://www.debian.org/security/2007/dsa-1267	vendor-advisory x_refsource_DEBIAN x_transferred
http://webcalendar.cvs.sourceforge.net/webcalendar/webcalendar/includes/functions.php?r1=1.211.2.7&r2=1.211.2.8	x_refsource_CONFIRM x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/32832	vdb-entry x_refsource_XF x_transferred
http://secunia.com/advisories/24403	third-party-advisory x_refsource_SECUNIA x_transferred
http://sourceforge.net/mailarchive/forum.php?thread_id=31840112&forum_id=46247	mailing-list x_refsource_MLIST x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2007/0851

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://webcalendar.cvs.sourceforge.net/webcalendar/webcalendar/includes/functions.php?view=log

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://sourceforge.net/project/shownotes.php?group_id=3870&release_id=491130

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/24519

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.securityfocus.com/bid/22834

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://www.debian.org/security/2007/dsa-1267

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://webcalendar.cvs.sourceforge.net/webcalendar/webcalendar/includes/functions.php?r1=1.211.2.7&r2=1.211.2.8

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/32832

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: http://secunia.com/advisories/24403

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://sourceforge.net/mailarchive/forum.php?thread_id=31840112&forum_id=46247

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References