admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2009/CVE-2009-16xx/CVE-2009-1697.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

334 lines
12 KiB
JSON
Raw Blame History

{
"id": "CVE-2009-1697",
"sourceIdentifier": "cve@mitre.org",
"published": "2009-06-10T18:00:00.483",
"lastModified": "2011-02-17T06:43:40.177",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject HTTP headers and bypass the Same Origin Policy via a crafted HTML document, related to cross-site scripting (XSS) attacks that depend on communication with arbitrary web sites on the same server through use of XMLHttpRequest without a Host header."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n CRLF (se refiere a CR (retorno de carro) y LF (salto de l\u00ednea)) en WebKit en Apple Safari anterior a v4.0. Permite a atacantes remotos inyectar cabeceras HTTP y saltarse la pol\u00edtica \"Same Origin\" a trav\u00e9s de un documento HTML manipulado, relativo a ataques de secuencias de comandos en sitios cruzados (XSS) que dependen de la comunicaci\u00f3n con sitios Web arbitrarios dentro del mismo servidor Web, mediante el uso de XMLHttpRequest sin la cabecera Host."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:mac:*:*:*:*:*",
"versionEndIncluding": "4.0_beta",
"matchCriteriaId": "2AA3463B-FB1D-4957-A738-946399B1B9DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:0.8:*:mac:*:*:*:*:*",
"matchCriteriaId": "1F5F96DD-BD44-497B-A05E-326819BC46F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:0.9:*:mac:*:*:*:*:*",
"matchCriteriaId": "2B00DC91-9895-405E-B9B4-211ABC3728DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:1.0:*:mac:*:*:*:*:*",
"matchCriteriaId": "82C4A098-7EAC-4611-B621-3F0EB1B15960"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:1.0.3:*:mac:*:*:*:*:*",
"matchCriteriaId": "56B016E7-C403-42AC-BF75-9BA723122A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:1.1:*:mac:*:*:*:*:*",
"matchCriteriaId": "83CFAFD2-630E-4DB9-B187-6918CFE3075C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:1.2:*:mac:*:*:*:*:*",
"matchCriteriaId": "F03B8DC9-B295-42A8-904F-3D1F827FFECD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:1.3:*:mac:*:*:*:*:*",
"matchCriteriaId": "1876BC3B-B207-4E81-A0A7-259AFE6F2DEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:1.3.1:*:mac:*:*:*:*:*",
"matchCriteriaId": "03BBCC9D-E160-4614-B2B8-6359FE644E02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:1.3.2:*:mac:*:*:*:*:*",
"matchCriteriaId": "CDB6B46E-30E1-4E16-A941-F5E19AB34493"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:2.0:*:mac:*:*:*:*:*",
"matchCriteriaId": "E783789C-C5D4-47A2-A947-D19793B182E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:2.0.2:*:mac:*:*:*:*:*",
"matchCriteriaId": "CE3C68CF-21A2-47D8-84F2-FD3219E90043"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:2.0.4:*:mac:*:*:*:*:*",
"matchCriteriaId": "4D4AD962-D9AD-48E5-9B53-E3C1593D43CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.0:*:mac:*:*:*:*:*",
"matchCriteriaId": "30FA25DB-3525-4755-B038-6572B2457CF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.0.2:-:mac:*:*:*:*:*",
"matchCriteriaId": "9270F5C4-63B9-48C5-9D6D-9CDA1461205C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.0.3:*:mac:*:*:*:*:*",
"matchCriteriaId": "9BE1D829-A6C9-4B5C-971B-5515FB92061D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.0.4:*:mac:*:*:*:*:*",
"matchCriteriaId": "8BC133D1-E120-4B84-85DC-1D528CB77FAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.1:*:mac:*:*:*:*:*",
"matchCriteriaId": "90D8505E-35D2-40A1-9D75-1A023C4DD65E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.1.1:*:mac:*:*:*:*:*",
"matchCriteriaId": "1D087ECA-D214-4A6B-8F64-7F8AABB14706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.1.2:*:mac:*:*:*:*:*",
"matchCriteriaId": "B4ABDE92-E8A8-431D-BF9C-9A54667A8664"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.2.1:*:mac:*:*:*:*:*",
"matchCriteriaId": "94956778-7E73-4B42-B7B1-0D11837B8476"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.2.3:*:mac:*:*:*:*:*",
"matchCriteriaId": "AC54BF41-2BF6-4604-AEFA-532453AB91E5"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:windows:*:*:*:*:*",
"versionEndIncluding": "3.2.3",
"matchCriteriaId": "F1F650EC-4778-4233-9CF5-2B809CE4C799"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.0:*:windows:*:*:*:*:*",
"matchCriteriaId": "A588615E-EE35-4E19-8BDA-598ED9664686"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "3E61C168-482B-412A-97E8-B1C651797EDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.0.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "32024B14-B4F7-466E-AEF2-0D3A7E8E1060"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.0.3:*:windows:*:*:*:*:*",
"matchCriteriaId": "D137F48A-E670-4BDB-B003-C6BB2A33F250"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.0.4:*:windows:*:*:*:*:*",
"matchCriteriaId": "85AB4EDB-408D-4D2F-95BE-B578455EFA4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "0B256D38-257B-4C3D-9EA5-2255BF3A329C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.1.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "158AEA23-B5DB-4CBC-8391-2D97233A8E9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.1.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "218FBDC4-29AF-4BA1-A3FE-4E19B0E3E654"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "77F31F4B-5305-4D75-9277-95EF99A969A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.2.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "BDE11F09-3D57-4CF0-8165-90FB234CC403"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:3.2.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "99118352-6845-4704-B4A3-F98E8C06E0FD"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html",
"source": "cve@mitre.org"
},
{
"url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/54992",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/35379",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/37746",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/43068",
"source": "cve@mitre.org"
},
{
"url": "http://securitytracker.com/id?1022344",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "http://support.apple.com/kb/HT3613",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://support.apple.com/kb/HT3639",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2009/dsa-1950",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/35260",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/1522",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/1621",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0212",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink