Itaka before 0.2.1, when using Authentication mode, allows remote attackers to bypass authentication and obtain sensitive information by downloading screenshots via a direct request for /screenshot.
References
Link | Resource |
---|---|
http://osvdb.org/38278 | |
http://secunia.com/advisories/26146 | Patch Vendor Advisory |
http://www.jardinpresente.com.ar/trac/itaka/ticket/20 | Patch |
http://www.securityfocus.com/bid/24985 | Exploit Patch |
http://osvdb.org/38278 | |
http://secunia.com/advisories/26146 | Patch Vendor Advisory |
http://www.jardinpresente.com.ar/trac/itaka/ticket/20 | Patch |
http://www.securityfocus.com/bid/24985 | Exploit Patch |
Configurations
History
21 Nov 2024, 00:34
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/38278 - | |
References | () http://secunia.com/advisories/26146 - Patch, Vendor Advisory | |
References | () http://www.jardinpresente.com.ar/trac/itaka/ticket/20 - Patch | |
References | () http://www.securityfocus.com/bid/24985 - Exploit, Patch |
Information
Published : 2007-07-25 17:30
Updated : 2025-04-09 00:30
NVD link : CVE-2007-3964
Mitre link : CVE-2007-3964
CVE.ORG link : CVE-2007-3964
JSON object : View
Products Affected
itaka
- itaka
CWE