CVE-2008-4107

by Fred · 18/09/2008

The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x and WordPress before 2.6.2, a different vulnerability than CVE-2008-2107, CVE-2008-2108, and CVE-2008-4102.

Date published : 2008-09-18

http://www.securityfocus.com/bid/31115

http://www.securityfocus.com/archive/1/496237/100/0/threaded

CVE-2008-4107

Similar

Recent Posts

Categories

CVE-2008-4107

Share this:

Similar

Recent Posts

Categories

Tags