Session Fixation Vulnerability in Ampache Product by Ampache
CVE-2007-4438

Currently unrated

Key Information:

Vendor: Ampache
Status: Ampache
Vendor: CVE Published:; 20 August 2007

What is CVE-2007-4438?

A session fixation vulnerability exists in Ampache versions prior to 3.3.3.5, allowing attackers to hijack user sessions through unspecified vectors. This flaw can potentially enable unauthorized access to a user's session, giving attackers the ability to perform actions on behalf of the user without their consent. Users are advised to upgrade to the latest version to mitigate the risks associated with this vulnerability.

References

http://bugs.gentoo.org/show_bug.cgi?id=189607

x_refsource_CONFIRM

http://secunia.com/advisories/27253

third-party-advisoryx_refsource_SECUNIA

http://www.ampache.org/announce/3_3_3_5.php

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 20, 2007
Vulnerability Reserved
Aug 20, 2007