Vulnerabilities > CVE-2008-3072 - Numeric Errors vulnerability in Simple Machines Simple Machines Forum

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

simple-machines

CWE-189

NVD

Published: 2008-07-08

Updated: 2012-11-27

Summary

Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13, when running in PHP before 4.2.0, does not properly seed the random number generator, which has unknown impact and attack vectors.

Vulnerable Configurations

Part	Description	Count
Application	Simple_Machines Simple Machines Simple Machines Forum *	1

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

References

http://secunia.com/advisories/30955
http://www.simplemachines.org/community/index.php?P=c3696c2022b54fa50c5f341bf5710aa3&topic=236816.0