mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
83 lines
2.3 KiB
JSON
83 lines
2.3 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2003-0405",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via (1) an HTTP query or cookie which is processed in the NEEDS command, or (2) an HTTP Referrer that is processed in the VALID_PATHS command."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "20030526 S21SEC-024 - Vignette TCL Injection",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://marc.info/?l=bugtraq&m=105405922826197&w=2"
|
|
},
|
|
{
|
|
"name" : "http://www.s21sec.com/es/avisos/s21sec-024-en.txt",
|
|
"refsource" : "MISC",
|
|
"url" : "http://www.s21sec.com/es/avisos/s21sec-024-en.txt"
|
|
},
|
|
{
|
|
"name" : "vignette-tcl-code-execution(12070)",
|
|
"refsource" : "XF",
|
|
"url" : "http://www.iss.net/security_center/static/12070.php"
|
|
},
|
|
{
|
|
"name" : "7690",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/7690"
|
|
},
|
|
{
|
|
"name" : "7692",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/7692"
|
|
}
|
|
]
|
|
}
|
|
}
|