CVE-2007-6319 | Vulnerability Database | Aqua Security

Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating new accounts that collide with existing accounts.

Affected Software

Name	Vendor	Start Version	End Version
List_manager	Lyris	8.95 (including)	8.95 (including)
List_manager	Lyris	8.95a (including)	8.95a (including)
List_manager	Lyris	8.95b (including)	8.95b (including)
List_manager	Lyris	8.95c (including)	8.95c (including)
List_manager	Lyris	9.2 (including)	9.2 (including)
List_manager	Lyris	9.2a (including)	9.2a (including)
List_manager	Lyris	9.2b (including)	9.2b (including)
List_manager	Lyris	9.3 (including)	9.3 (including)
List_manager	Lyris	9.3a (including)	9.3a (including)

References

http://secunia.com/advisories/29019
http://securityreason.com/securityalert/3671
http://securitytracker.com/id?1019436
http://www.securityfocus.com/archive/1/488343/100/0/threaded
http://www.securityfocus.com/bid/26792
http://www.vupen.com/english/advisories/2008/0618

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-6319
CWE	https://cwe.mitre.org/data/definitions/264.html