CVE-2007-2719 Information

Description

Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows remote attackers to hijack web sessions by setting the JSESSIONID cookie.

Reference

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01049713 http://osvdb.org/36061 http://secunia.com/advisories/25275 http://www.acrossecurity.com/aspr/ASPR-2007-05-14-1-PUB.txt http://www.securityfocus.com/archive/1/468974/100/0/threaded http://www.securityfocus.com/bid/23988 http://www.securitytracker.com/id?1018062 http://www.vupen.com/english/advisories/2007/1823 https://exchange.xforce.ibmcloud.com/vulnerabilities/34303