CVE-2008-2019: CVE-2008-2019

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-2019

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Simple Machines Forum (SMF), probably 1.1.4, relies on "randomly generated static" to hinder brute-force attacks on the WAV file (aka audio) CAPTCHA, which allows remote attackers to pass the CAPTCHA test via an automated attack that considers Hamming distances. NOTE: this issue reportedly exists because of an insufficient fix for CVE-2007-3308.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

SMF Audio CAPTCHA 安全绕过漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Simple Machines Forum (SMF)1.1.4, 可能依赖 "随机产生的静态数值"来阻碍在WAV file (又称 audio) CAPTCHA上的强力攻击,远程攻击者通过把加重平均也考虑了的一个自动化攻击来绕过CAPTCHA测试。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-2019

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/TheRook/AudioCaptchaBypass-CVE-2008-2019	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-2019

Please Login to view more intelligence information

http://www.simplemachines.org/community/index.php?P=c3696c2022b54fa50c5f341bf5710aa3&topic=236816.0x_refsource_CONFIRM
http://www.rooksecurity.com/blog/?p=6x_refsource_MISC
http://securityreason.com/securityalert/3836third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/bid/28866vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/42150vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/491128/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2008-2019

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-2019

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2008-2019

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-2019

III. Intelligence Information for CVE-2008-2019

IV. Related Vulnerabilities

V. Comments for CVE-2008-2019

Leave a comment