CVE-2009-1432 (GCVE-0-2009-1432)

Vulnerability from cvelistv5 – Published: 2009-04-30 20:00 – Updated: 2024-08-07 05:13
VLAI?
Summary
Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.vupen.com/english/advisories/2009/1204 vdb-entryx_refsource_VUPEN
http://securitytracker.com/id?1022137 vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/34856 third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1022138 vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/34935 third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1022136 vdb-entryx_refsource_SECTRACK
http://www.symantec.com/security_response/securit… x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2009/1202 vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/34668 vdb-entryx_refsource_BID
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:13:25.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-1204",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1204"
          },
          {
            "name": "1022137",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1022137"
          },
          {
            "name": "34856",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34856"
          },
          {
            "name": "1022138",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1022138"
          },
          {
            "name": "34935",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34935"
          },
          {
            "name": "1022136",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1022136"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
          },
          {
            "name": "ADV-2009-1202",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1202"
          },
          {
            "name": "multiple-symantec-login-spoofing(50172)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
          },
          {
            "name": "34668",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34668"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2009-1204",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1204"
        },
        {
          "name": "1022137",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1022137"
        },
        {
          "name": "34856",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34856"
        },
        {
          "name": "1022138",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1022138"
        },
        {
          "name": "34935",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34935"
        },
        {
          "name": "1022136",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1022136"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
        },
        {
          "name": "ADV-2009-1202",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1202"
        },
        {
          "name": "multiple-symantec-login-spoofing(50172)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
        },
        {
          "name": "34668",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34668"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1432",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-1204",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1204"
            },
            {
              "name": "1022137",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1022137"
            },
            {
              "name": "34856",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34856"
            },
            {
              "name": "1022138",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1022138"
            },
            {
              "name": "34935",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34935"
            },
            {
              "name": "1022136",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1022136"
            },
            {
              "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
            },
            {
              "name": "ADV-2009-1202",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1202"
            },
            {
              "name": "multiple-symantec-login-spoofing(50172)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
            },
            {
              "name": "34668",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34668"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1432",
    "datePublished": "2009-04-30T20:00:00",
    "dateReserved": "2009-04-24T00:00:00",
    "dateUpdated": "2024-08-07T05:13:25.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:antivirus:10.1:-:*:*:corporate:*:*:*\", \"matchCriteriaId\": \"357629A3-1F45-477D-B560-B4AFB6E163E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:antivirus:10.1:maintenance_release7:*:*:corporate:*:*:*\", \"matchCriteriaId\": \"D2126B10-14E6-4B47-8DA2-361BD51BD378\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:antivirus:10.2:-:*:*:corporate:*:*:*\", \"matchCriteriaId\": \"11C99ECE-8A4E-4DF3-98CF-4B8E15F6662A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:antivirus:10.2:maintenance_release1:*:*:corporate:*:*:*\", \"matchCriteriaId\": \"D4B0ACE4-1374-40DF-8E52-C1785753ACBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"96B92C62-EB73-4777-9307-677754819F2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1:maintenance_release7:*:*:*:*:*:*\", \"matchCriteriaId\": \"A63081A8-FB67-4E43-98CF-CD59D7BA5556\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF3B36FF-5C26-4565-A23A-789D1158B867\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:maintenance_release1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D62FBC34-2CA4-430E-B3DF-8948E9F91B02\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled.\"}, {\"lang\": \"es\", \"value\": \"Symantec Reporting Server, utilizado en Symantec AntiVirus (SAV) Corporate Edition v10.1 anterior a v10.1 MR8 y v10,2 antes de v10.2 MR2, Symantec Client Security (SCS), antes de v3.1 MR8, y el componente Symantec Endpoint Protection Manager (SEPM) en Symantec Endpoint Protection (SEP) anterior a v11.0 MR2, permite a atacantes remotos inyectar texto arbitrario en la pantalla de inicio de sesi\\u00f3n y, posiblemente, realizar ataques de phishing, a trav\\u00e9s de vectores relacionados con un URL que no est\\u00e1 bien manejada.\"}]",
      "id": "CVE-2009-1432",
      "lastModified": "2024-11-21T01:02:26.800",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2009-04-30T20:30:00.627",
      "references": "[{\"url\": \"http://secunia.com/advisories/34856\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34935\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1022136\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://securitytracker.com/id?1022137\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://securitytracker.com/id?1022138\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/34668\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1202\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1204\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/50172\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://secunia.com/advisories/34856\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34935\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1022136\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://securitytracker.com/id?1022137\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://securitytracker.com/id?1022138\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/34668\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1202\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1204\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/50172\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-1432\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-04-30T20:30:00.627\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled.\"},{\"lang\":\"es\",\"value\":\"Symantec Reporting Server, utilizado en Symantec AntiVirus (SAV) Corporate Edition v10.1 anterior a v10.1 MR8 y v10,2 antes de v10.2 MR2, Symantec Client Security (SCS), antes de v3.1 MR8, y el componente Symantec Endpoint Protection Manager (SEPM) en Symantec Endpoint Protection (SEP) anterior a v11.0 MR2, permite a atacantes remotos inyectar texto arbitrario en la pantalla de inicio de sesi\u00f3n y, posiblemente, realizar ataques de phishing, a trav\u00e9s de vectores relacionados con un URL que no est\u00e1 bien manejada.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:antivirus:10.1:-:*:*:corporate:*:*:*\",\"matchCriteriaId\":\"357629A3-1F45-477D-B560-B4AFB6E163E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:antivirus:10.1:maintenance_release7:*:*:corporate:*:*:*\",\"matchCriteriaId\":\"D2126B10-14E6-4B47-8DA2-361BD51BD378\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:antivirus:10.2:-:*:*:corporate:*:*:*\",\"matchCriteriaId\":\"11C99ECE-8A4E-4DF3-98CF-4B8E15F6662A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:antivirus:10.2:maintenance_release1:*:*:corporate:*:*:*\",\"matchCriteriaId\":\"D4B0ACE4-1374-40DF-8E52-C1785753ACBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"96B92C62-EB73-4777-9307-677754819F2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1:maintenance_release7:*:*:*:*:*:*\",\"matchCriteriaId\":\"A63081A8-FB67-4E43-98CF-CD59D7BA5556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF3B36FF-5C26-4565-A23A-789D1158B867\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:maintenance_release1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D62FBC34-2CA4-430E-B3DF-8948E9F91B02\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/34856\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/34935\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1022136\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://securitytracker.com/id?1022137\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://securitytracker.com/id?1022138\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/34668\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1202\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1204\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/50172\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://secunia.com/advisories/34856\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/34935\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1022136\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://securitytracker.com/id?1022137\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://securitytracker.com/id?1022138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/34668\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1202\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1204\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/50172\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.