mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
99 lines
2.8 KiB
JSON
99 lines
2.8 KiB
JSON
{
|
|
"id": "CVE-2009-0347",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2009-01-29T19:30:00.377",
|
|
"lastModified": "2017-08-08T01:33:54.330",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de redirecci\u00f3n abierta en cs.html en el motor de busqueda Autonomy (anteriormente Verity) Ultraseek que permite a atacantes remotos redirigir a los usuarios a p\u00e1ginas web de su elecci\u00f3n y producir ataques de phising a trav\u00e9s del par\u00e1metro \"url\"."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 5.8
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 4.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-59"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:autonomy:ultraseek:_nil_:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CB6CE359-BDFF-4BA3-8D5C-C44BD522CE74"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://sunbeltblog.blogspot.com/2009/01/constant-stream-of-ultraseek-redirects.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.kb.cert.org/vuls/id/202753",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"US Government Resource"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/33500",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.ultraseek.com/forums/thread.jspa?messageID=9818",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48336",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |