[VIM] Vendor ACK: CVE-2007-2017 (AlstraSoft useredit.php auth bypass)

Steven M. Christey coley at linus.mitre.org
Tue Jul 10 18:07:07 UTC 2007

---------- Forwarded message ----------
Date: Sat, 7 Jul 2007 14:51:07 +0800
From: AlstraSoft
Subject: Vulnerability Report (submitted through the National Vulnerability

Regarding: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2017

This security loophole has been fix in our current version which we have
added the admin login check for useredit.php and checking of the "id" in
msg.php - www.alstrasoft.com/videoshare_fix.zip

AlstraSoft Support Team

More information about the VIM mailing list