Secunia
Login
|
|
CVE Reference: CVE-2010-3891 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2010-3891 |
|
|
Description: Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do in the administrator interface in IBM OmniFind Enterprise Edition before 9.1 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a saveNewUser action. |
|
|
CVE Status: Candidate |
|
|
References: OSVDB 69083 MISC http://security.fatihkilic.de/advisory/fkilic-sa-2010-ibm-omnifind.txt EXPLOIT-DB http://www.exploit-db.com/exploits/15473 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/514688/100/0/threaded BID 44740 |
|
| Return to the previous page. |
