1.0.1

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

icz

NVD

Published: 2012-04-06

Updated: 2012-11-20

Summary

Session fixation vulnerability in SENCHA SNS before 1.0.2 allows remote attackers to hijack web sessions via unspecified vectors. Per: http://cwe.mitre.org/data/definitions/384.html 'CWE-384: Session Fixation'

Vulnerable Configurations

Part	Description	Count
Application	Icz ICZ Sencha SNS 1.0.0 ICZ Sencha SNS 1.0.1	2

References

http://jvn.jp/en/jp/JVN97200417/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000030
http://oss.icz.co.jp/news/?p=501
http://osvdb.org/81020
http://www.securityfocus.com/bid/52900