ArticleLive 2005 allows remote attackers to gain privileges by modifying the (1) auth and (2) userId fields in a cookie.Referenceshttp://marc.info/?l=bugtraq&m=111530871724865&w=2http://www.securityfocus.com/bid/13493http://secunia.com/advisories/15250http://www.digitalparadox.org/advisories/inal.txthttps://exchange.xforce.ibmcloud.com/vulnerabilities/20431http://securitytracker.com/id?1013895
