CVE-2011-5133

Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list."

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://blog.mybb.com/2011/11/25/mybb-1-6-5-released-feature-update-security-maintenance-release/	Vendor Advisory
http://secunia.com/advisories/46951	Vendor Advisory
http://www.osvdb.org/77325
http://www.securityfocus.com/bid/50816
http://blog.mybb.com/2011/11/25/mybb-1-6-5-released-feature-update-security-maintenance-release/	Vendor Advisory
http://secunia.com/advisories/46951	Vendor Advisory
http://www.osvdb.org/77325
http://www.securityfocus.com/bid/50816

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mybb:mybb::::::::
	cpe:2.3:a:mybb:mybb:1.1.0:::::::*
	cpe:2.3:a:mybb:mybb:1.1.1:::::::*
	cpe:2.3:a:mybb:mybb:1.1.2:::::::*
	cpe:2.3:a:mybb:mybb:1.1.3:::::::*
	cpe:2.3:a:mybb:mybb:1.1.4:::::::*
	cpe:2.3:a:mybb:mybb:1.1.5:::::::*
	cpe:2.3:a:mybb:mybb:1.1.6:::::::*
	cpe:2.3:a:mybb:mybb:1.1.7:::::::*
	cpe:2.3:a:mybb:mybb:1.1.8:::::::*
	cpe:2.3:a:mybb:mybb:1.2:::::::*
	cpe:2.3:a:mybb:mybb:1.2.0:::::::*
	cpe:2.3:a:mybb:mybb:1.2.1:::::::*
	cpe:2.3:a:mybb:mybb:1.2.2:::::::*
	cpe:2.3:a:mybb:mybb:1.2.3:::::::*
	cpe:2.3:a:mybb:mybb:1.2.4:::::::*
	cpe:2.3:a:mybb:mybb:1.2.5:::::::*
	cpe:2.3:a:mybb:mybb:1.2.6:::::::*
	cpe:2.3:a:mybb:mybb:1.2.7:::::::*
	cpe:2.3:a:mybb:mybb:1.2.8:::::::*
	cpe:2.3:a:mybb:mybb:1.2.9:::::::*
	cpe:2.3:a:mybb:mybb:1.2.10:::::::*
	cpe:2.3:a:mybb:mybb:1.2.11:::::::*
	cpe:2.3:a:mybb:mybb:1.2.12:::::::*
	cpe:2.3:a:mybb:mybb:1.2.13:::::::*
	cpe:2.3:a:mybb:mybb:1.2.14:::::::*
	cpe:2.3:a:mybb:mybb:1.3:pre-1.0::::::
	cpe:2.3:a:mybb:mybb:1.4.0:::::::*
	cpe:2.3:a:mybb:mybb:1.4.1:::::::*
	cpe:2.3:a:mybb:mybb:1.4.2:::::::*
	cpe:2.3:a:mybb:mybb:1.4.3:::::::*
	cpe:2.3:a:mybb:mybb:1.4.4:::::::*
	cpe:2.3:a:mybb:mybb:1.4.5:::::::*
	cpe:2.3:a:mybb:mybb:1.4.6:::::::*
	cpe:2.3:a:mybb:mybb:1.4.7:::::::*
	cpe:2.3:a:mybb:mybb:1.4.8:::::::*
	cpe:2.3:a:mybb:mybb:1.4.9:::::::*
	cpe:2.3:a:mybb:mybb:1.4.10:::::::*
	cpe:2.3:a:mybb:mybb:1.4.11:::::::*
	cpe:2.3:a:mybb:mybb:1.4.12:::::::*
	cpe:2.3:a:mybb:mybb:1.4.13:::::::*
	cpe:2.3:a:mybb:mybb:1.4.14:::::::*
	cpe:2.3:a:mybb:mybb:1.4.15:::::::*
	cpe:2.3:a:mybb:mybb:1.4.16:::::::*
	cpe:2.3:a:mybb:mybb:1.5.1:::::::*
	cpe:2.3:a:mybb:mybb:1.5.2:::::::*
	cpe:2.3:a:mybb:mybb:1.6.0:::::::*
	cpe:2.3:a:mybb:mybb:1.6.1:::::::*
	cpe:2.3:a:mybb:mybb:1.6.2:::::::*
	cpe:2.3:a:mybb:mybb:1.6.3:::::::*

History

21 Nov 2024, 01:33

Type	Values Removed	Values Added
References	~~() http://blog.mybb.com/2011/11/25/mybb-1-6-5-released-feature-update-security-maintenance-release/ - Vendor Advisory~~	() http://blog.mybb.com/2011/11/25/mybb-1-6-5-released-feature-update-security-maintenance-release/ - Vendor Advisory
References	~~() http://secunia.com/advisories/46951 - Vendor Advisory~~	() http://secunia.com/advisories/46951 - Vendor Advisory
References	~~() http://www.osvdb.org/77325 -~~	() http://www.osvdb.org/77325 -
References	~~() http://www.securityfocus.com/bid/50816 -~~	() http://www.securityfocus.com/bid/50816 -

Information

Published : 2012-08-30 22:55

Updated : 2024-11-21 01:33

NVD link : CVE-2011-5133

Mitre link : CVE-2011-5133

CVE.ORG link : CVE-2011-5133

JSON object : View

Products Affected

mybb

mybb

CWE

NVD-CWE-noinfo

10.0 /10