Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-4723 | First vendor Publication | 2011-02-03 |
Vendor | Cve | Last vendor Modification | 2011-02-15 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) private object members of an assigned object, which has unspecified impact and remote attack vectors. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4723 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-264 | Permissions, Privileges, and Access Controls |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
70793 | Smarty Dynamic / Private Object Member Access Restriction Weakness Smarty contains a flaw when security is enabled related to the failure to prevent access to the dynamic and private object members of an assigned object. This may allow a remote attacker to have an unspecified impact. No further details are available. |
Sources (Detail)
Source | Url |
---|---|
CONFIRM | http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt |
Alert History
Date | Informations |
---|---|
2021-05-05 01:07:32 |
|
2021-05-04 12:12:39 |
|
2021-04-22 01:13:43 |
|
2020-05-23 01:43:26 |
|
2020-05-23 00:27:18 |
|
2019-05-14 12:02:54 |
|
2013-05-10 23:39:16 |
|