CVE-2011-1128 in SMFinfo

Summary

The loadUserSettings function in Load.php in Simple Machines Forum (SMF) before 1.1.13, and 2.x before 2.0 RC5, does not properly handle invalid login attempts, which might make it easier for remote attackers to obtain access or cause a denial of service via a brute-force attack.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

03/02/2011

Disclosure

06/20/2011

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
57738	Simplemachines SMF Load.php loadUserSettings cryptographic issue	310	Not defined	Official fix	CVE-2011-1128

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!