mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
230 lines
8.1 KiB
JSON
230 lines
8.1 KiB
JSON
{
|
|
"id": "CVE-2008-2951",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2008-07-27T22:41:00.000",
|
|
"lastModified": "2017-08-08T01:31:28.247",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una vulnerabilidad de Redireccionamiento Abierto en el script de b\u00fasqueda en Trac anterior a versi\u00f3n 0.10.5, permite a los atacantes remotos redireccionar a los usuarios a sitios web arbitrarios y conducir ataques de phishing por medio de una URL en el par\u00e1metro q, posiblemente relacionada con la funci\u00f3n quickjump."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 5.8
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 4.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-20"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "0.10.4",
|
|
"matchCriteriaId": "6AB0CAB5-F4B4-44AE-A527-A3A089279943"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F0C99624-9190-42FF-BDE9-A7A5938EDECA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.5.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "04F968D4-9691-4ED1-A412-7DF43898863C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.5.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1EE1121C-5E38-4811-A9BA-3122EF00941D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AF9D8496-03C6-4C9E-9511-B32EE1AD6E91"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.6.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FF4AC75E-2EE6-4333-9AA5-B26571CA86AB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A370F182-C0BF-4E53-81B5-57E03974FA00"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9C37AA14-7184-4FFC-BEDE-B567EE315E9F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "661C665F-A7F1-4631-B232-1DC9A2635E77"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.8.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9710175D-AB7F-4416-9BD6-DD9BD9D0D322"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.8.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3829D131-F1DB-426E-82C9-C39CBC1D8164"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.8.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9410D67A-6338-4076-AF88-9DFAB701E1FF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.8.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9239A5E2-62D4-4100-BA88-B114FE5944F0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "39206222-52BA-49B3-B2D8-1AFB247AA05F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.9:b1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BF8C0FF0-98FF-463F-B9F0-B26DC587CE05"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.9:b2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ED00A360-A4BD-44A9-BF88-A81257CF5E3C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.9.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CEEE9CAF-6A17-4B68-988B-2EA0183FC45E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CE0E4289-9154-4547-8DAA-51536706EFE7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.9.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7836864F-1F39-479A-99D0-A00247711FB4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.9.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "14D2B12D-3479-435C-BF76-158C4152C548"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.9.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E9AC7C92-2D82-470E-A04A-5C2B5AAA8CFA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.9.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "87EB909D-2F50-456E-9339-31617A9FC64E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "351C68FA-9A8E-4E65-BD8E-44F5BBDAFE8A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.10.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "76B67191-EBC8-4679-9434-9AF56E9151B7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.10.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CA90857B-FA3A-4DD8-A20D-04837CCFFF77"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.10.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3012B1CE-686F-4F0E-BCB2-790D7C30D257"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:trac:trac:0.10.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F826915A-400C-4DC8-83A3-6EC158ACE0D0"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://holisticinfosec.org/content/view/72/45/",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://trac.edgewall.org/wiki/ChangeLog",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/30402",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44043",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01261.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01270.html",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |