NuytsTech Security

CVE-2007-3871

by ·

Stampit Web uses guessable id values for online stamp purchases, which allows remote attackers to cause a denial of service (stamp invalidation) via a SOAP request with an id value for a stamp that has not yet been printed.

Date published : 2007-09-12

http://seclists.org/fulldisclosure/2007/Aug/0441.html

https://www.cynops.de/advisories/CVE-2007-3871-signed.txt

Tags: