CVE-2007-3308 Information

Description

Simple Machines Forum (SMF) 1.1.2 uses a concatenation method with insufficient randomization when creating a WAV file CAPTCHA which allows remote attackers to pass the CAPTCHA test via an automated brute-force attack.

Reference

http://osvdb.org/40617 http://securitytracker.com/id?1018260 http://securityvulns.ru/Rdocument271.html http://www.securityfocus.com/archive/1/471641/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/34907