INFORMATION

Name : CVE-2008-2433 First Publication : 2008-08-27
Severity : High Last Modification : 2009-01-29

SCORING CVSS v2

Cvss Base Score : 7.5 Attack Range : Network
Cvss Impact Score : 6.4 Attack Complexity : Low
Cvss Expoit Score : 10 Authentification : None Required

Calculate full CVSS 2.0 Vectors scores

DETAIL

The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration."


MORE INFORMATIONS

If you login, you will see more informations about this alert including :

1 CWE ID(s)
6 CPE ID(s)
10 Secondary sources

Your browser must accept cookie for login.

Login : Password: Captcha :
Remember me ?
if you can not read it, please refresh the page

If you don't have a login, register for FREE.