CVE-2008-3375
Last modified
CVE-2008-3375 is a vulnerability of currently unknown severity. The jrCookie function in includes/jamroom-misc.inc.php in JamRoom before 3.4.0 allows remote attackers to bypass authentication and gain administrative access via a boolean value within serialized data in a JMU_Cookie cookie.. EPSS estimates a 3.56% chance of exploitation in the next 30 days.
Description
The jrCookie function in includes/jamroom-misc.inc.php in JamRoom before 3.4.0 allows remote attackers to bypass authentication and gain administrative access via a boolean value within serialized data in a JMU_Cookie cookie.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Jamroom | Jamroom | <= 3.3.8 | — |
| Jamroom | Jamroom | 1.0 | — |
| Jamroom | Jamroom | 2.0.9 | A |
| Jamroom | Jamroom | 2.6.10 | — |
| Jamroom | Jamroom | 2.6.11 | — |
| Jamroom | Jamroom | 2.6.12 | — |
| Jamroom | Jamroom | 2.60 | — |
| Jamroom | Jamroom | 2.61 | — |
| Jamroom | Jamroom | 2.62 | — |
| Jamroom | Jamroom | 2.63 | — |
| Jamroom | Jamroom | 2.64 | — |
| Jamroom | Jamroom | 2.65 | — |
| Jamroom | Jamroom | 2.66 | — |
| Jamroom | Jamroom | 2.67 | — |
| Jamroom | Jamroom | 2.68 | — |
| Jamroom | Jamroom | 2.69 | — |
| Jamroom | Jamroom | 3.0 | — |
| Jamroom | Jamroom | 3.0.1 | — |
| Jamroom | Jamroom | 3.0.2 | — |
| Jamroom | Jamroom | 3.0.3 | — |
| Jamroom | Jamroom | 3.0.4 | — |
| Jamroom | Jamroom | 3.0.5 | — |
| Jamroom | Jamroom | 3.0.6 | — |
| Jamroom | Jamroom | 3.0.7 | — |
| Jamroom | Jamroom | 3.0.8 | — |
| Jamroom | Jamroom | 3.0.9 | — |
| Jamroom | Jamroom | 3.0.10 | — |
| Jamroom | Jamroom | 3.0.11 | — |
| Jamroom | Jamroom | 3.0.12 | — |
| Jamroom | Jamroom | 3.0.13 | — |
| Jamroom | Jamroom | 3.0.14 | — |
| Jamroom | Jamroom | 3.0.15 | — |
| Jamroom | Jamroom | 3.0.16 | — |
| Jamroom | Jamroom | 3.0.17 | — |
| Jamroom | Jamroom | 3.0.18 | — |
| Jamroom | Jamroom | 3.0.19 | — |
| Jamroom | Jamroom | 3.0.20 | — |
| Jamroom | Jamroom | 3.0.21 | — |
| Jamroom | Jamroom | 3.0.22 | — |
| Jamroom | Jamroom | 3.0.23 | — |
| Jamroom | Jamroom | 3.0.24 | — |
| Jamroom | Jamroom | 3.0.25 | — |
| Jamroom | Jamroom | 3.0.26 | — |
| Jamroom | Jamroom | 3.0.27 | — |
| Jamroom | Jamroom | 3.0.28 | — |
| Jamroom | Jamroom | 3.0.29 | — |
| Jamroom | Jamroom | 3.0.30 | — |
| Jamroom | Jamroom | 3.1.0 | — |
| Jamroom | Jamroom | 3.1.1 | — |
| Jamroom | Jamroom | 3.1.2 | — |
Showing 50 of 68 affected configurations. See NVD for the full list.
References
- http://secunia.com/advisories/31249Vendor Advisory
- http://secunia.com/advisories/31249Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-3375?
How severe is CVE-2008-3375?
How do I fix CVE-2008-3375?
Are you affected by CVE-2008-3375?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST