Common Vulnerabilities and Exposures assigned an identifier CVE-2010-4728 to the following vulnerability: Name: CVE-2010-4728 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4728 Assigned: 20110208 Reference: http://code.zikula.org/core/ticket/2009 Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote attackers to defeat protection mechanisms based on randomization by predicting a return value, as demonstrated by the authid protection mechanism.
Created zikula tracking bugs for this issue Affects: fedora-all [bug 676457] Affects: epel-all [bug 676458]