Summary
The remote Allegro RomPager service is vulnerable to the `Misfortune Cookie` Vulnerability
Solution
Ask the vendor for an update
Affected
RomPager services with versions before 4.34
Detection
Send a HTTP GET request with a special crafted cookie and check the response
References
Severity
Classification
-
CVE CVE-2014-9222 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- AdPeeps 'index.php' Multiple Vulnerabilities.
- Andy's PHP Knowledgebase 's' Parameter SQL Injection Vulnerability
- Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
- Atmail Multiple Unspecified Security Vulnerabilities.
- Adobe ColdFusion Information Disclosure Vulnerability