var-201005-0181
Vulnerability from variot
Unspecified vulnerability in the Servlet service in Fujitsu Limited Interstage Application Server 3.0 through 7.0, as used in Interstage Application Framework Suite, Interstage Business Application Server, and Interstage List Manager, allows attackers to obtain sensitive information or force invalid requests to be processed via unknown vectors related to unspecified invalid requests and settings on the load balancing device. According to the developer, the impact of this vulnerability depends on the implementation of the web application. Fujitsu Interstage Application Server is an application platform that supports the construction and operation of business systems. A remote attacker can exploit the vulnerability to perform partial illegal requests or obtain sensitive information from other users. ----------------------------------------------------------------------
Looking for a job?
Secunia is hiring skilled researchers and talented developers.
SOLUTION: Please see the vendor's advisory for a patch matrix.
The vendor recommends setting the distribution beginning time to five minutes or more at the loading balancer.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: Fujitsu: http://www.fujitsu.com/global/support/software/security/products-f/interstage-201001e.html
OTHER REFERENCES: JVN: http://jvn.jp/en/jp/JVN90248889/index.html
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201005-0181", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "interstage application server", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "interstage application server", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server", "scope": "eq", "trust": 1.6, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server", "scope": "eq", "trust": 1.0, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server", "scope": "eq", "trust": 1.0, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application server", "scope": "eq", "trust": 1.0, "vendor": "fujitsu", "version": "4.1" }, { "model": "interstage application framework suite", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage application server", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage business application manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": "interstage list manager", "scope": null, "trust": 0.8, "vendor": "fujitsu", "version": null }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "interstage application server", "version": "4.0" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "interstage application server", "version": "5.0" }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "interstage application server", "version": "7.0" }, { "model": "interstage application server web-j edition l11", "scope": "lte", "trust": 0.6, "vendor": "fujitsu", "version": "\u003c=7.0" }, { "model": "interstage application server standard edition l11", "scope": "lte", "trust": 0.6, "vendor": "fujitsu", "version": "\u003c=7.0" }, { "model": "interstage application server plus developer l10", "scope": "lte", "trust": 0.6, "vendor": "fujitsu", "version": "\u003c=7.0" }, { "model": "interstage application server plus l11", "scope": "lte", "trust": 0.6, "vendor": "fujitsu", "version": "\u003c=7.0" }, { "model": "interstage application server enterprise edition l11", "scope": "lte", "trust": 0.6, "vendor": "fujitsu", "version": "\u003c=7.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "interstage application server", "version": "3.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "interstage application server", "version": "4.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "interstage application server", "version": "5.0.1" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "interstage application server", "version": "6.0" }, { "model": null, "scope": "eq", "trust": 0.4, "vendor": "interstage application server", "version": "7.0.1" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.2" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.1" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1.1" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "interstage application server web-j edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server web-j edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server web-j edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server web-j edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition l10c", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1" }, { "model": "interstage application server web-j edition l20a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.1" }, { "model": "interstage application server web-j edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server web-j edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server web-j edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.1" }, { "model": "interstage application server web-j edition 3.0l10", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "interstage application server web-j edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.2" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.1" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1.1" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "interstage application server standard edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server standard edition l10c", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server standard edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1" }, { "model": "interstage application server standard edition l20a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.1" }, { "model": "interstage application server standard edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.1" }, { "model": "interstage application server standard edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server standard edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server standard edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server plus developer", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "interstage application server plus developer l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server plus developer", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server plus developer l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus developer", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus developer l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.2" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.1" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1.1" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "interstage application server plus l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server plus l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server plus l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus l10c", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server plus", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1" }, { "model": "interstage application server plus l20a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server plus l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0.1" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.2" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0.1" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1.1" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0.1" }, { "model": "interstage application server enterprise edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "7.0" }, { "model": "interstage application server enterprise edition 6.0a", "scope": null, "trust": 0.3, "vendor": "fujitsu", "version": null }, { "model": "interstage application server enterprise edition l10c", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server enterprise edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "6.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.1" }, { "model": "interstage application server enterprise edition l20a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition l11", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition l10b", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition l10a", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "5.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.1" }, { "model": "interstage application server enterprise edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "4.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.1" }, { "model": "interstage application server enterprise edition l20", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server enterprise edition l10", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" }, { "model": "interstage application server enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "fujitsu", "version": "3.0" } ], "sources": [ { "db": "IVD", "id": "5f166280-1fb9-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2010-0882" }, { "db": "BID", "id": "40189" }, { "db": "JVNDB", "id": "JVNDB-2010-000018" }, { "db": "NVD", "id": "CVE-2010-1942" }, { "db": "CNNVD", "id": "CNNVD-201005-254" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:3.0:*:standard:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:4.0:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:6.0:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:7.0:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:5.0:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:5.0:*:standard:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:7.0.1:*:plus:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:5.0.1:*:plus_developer:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:4.1:*:web_j:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:3.0:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:5.0:*:web_j:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:5.0.1:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:6.0:*:plus:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:4.1:*:standard:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:4.0:*:standard:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:4.0:*:web_j:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:7.0:*:standard:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:7.0:*:plus:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:fujitsu:interstage_application_server:7.0.1:*:enterprise:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2010-1942" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vendor reported this issue.", "sources": [ { "db": "BID", "id": "40189" }, { "db": "CNNVD", "id": "CNNVD-201005-254" } ], "trust": 0.9 }, "cve": "CVE-2010-1942", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 4.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "IPA", "availabilityImpact": "None", "baseScore": 6.4, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "JVNDB-2010-000018", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "5f166280-1fb9-11e6-abef-000c29c66e3d", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.9 [IVD]" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2010-1942", "impactScore": 4.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2010-1942", "trust": 1.0, "value": "MEDIUM" }, { "author": "IPA", "id": "JVNDB-2010-000018", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-201005-254", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "5f166280-1fb9-11e6-abef-000c29c66e3d", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2010-1942", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "5f166280-1fb9-11e6-abef-000c29c66e3d" }, { "db": "VULMON", "id": "CVE-2010-1942" }, { "db": "JVNDB", "id": "JVNDB-2010-000018" }, { "db": "NVD", "id": "CVE-2010-1942" }, { "db": "CNNVD", "id": "CNNVD-201005-254" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unspecified vulnerability in the Servlet service in Fujitsu Limited Interstage Application Server 3.0 through 7.0, as used in Interstage Application Framework Suite, Interstage Business Application Server, and Interstage List Manager, allows attackers to obtain sensitive information or force invalid requests to be processed via unknown vectors related to unspecified invalid requests and settings on the load balancing device. According to the developer, the impact of this vulnerability depends on the implementation of the web application. Fujitsu Interstage Application Server is an application platform that supports the construction and operation of business systems. A remote attacker can exploit the vulnerability to perform partial illegal requests or obtain sensitive information from other users. ----------------------------------------------------------------------\n\n\nLooking for a job?\n\n\nSecunia is hiring skilled researchers and talented developers. \n\nSOLUTION:\nPlease see the vendor\u0027s advisory for a patch matrix. \n\nThe vendor recommends setting the distribution beginning time to five\nminutes or more at the loading balancer. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nFujitsu:\nhttp://www.fujitsu.com/global/support/software/security/products-f/interstage-201001e.html\n\nOTHER REFERENCES:\nJVN:\nhttp://jvn.jp/en/jp/JVN90248889/index.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2010-1942" }, { "db": "JVNDB", "id": "JVNDB-2010-000018" }, { "db": "CNVD", "id": "CNVD-2010-0882" }, { "db": "BID", "id": "40189" }, { "db": "IVD", "id": "5f166280-1fb9-11e6-abef-000c29c66e3d" }, { "db": "VULMON", "id": "CVE-2010-1942" }, { "db": "PACKETSTORM", "id": "89581" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "JVN", "id": "JVN90248889", "trust": 3.5 }, { "db": "BID", "id": "40189", "trust": 3.4 }, { "db": "NVD", "id": "CVE-2010-1942", "trust": 3.0 }, { "db": "SECUNIA", "id": "39803", "trust": 2.7 }, { "db": "OSVDB", "id": "64703", "trust": 2.5 }, { "db": "JVNDB", "id": "JVNDB-2010-000018", "trust": 2.5 }, { "db": "VUPEN", "id": "ADV-2010-1165", "trust": 2.4 }, { "db": "CNVD", "id": "CNVD-2010-0882", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201005-254", "trust": 0.8 }, { "db": "JVN", "id": "JVN#90248889", "trust": 0.6 }, { "db": "IVD", "id": "5F166280-1FB9-11E6-ABEF-000C29C66E3D", "trust": 0.2 }, { "db": "VUPEN", "id": "2010/1165", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2010-1942", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "89581", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "5f166280-1fb9-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2010-0882" }, { "db": "VULMON", "id": "CVE-2010-1942" }, { "db": "BID", "id": "40189" }, { "db": "JVNDB", "id": "JVNDB-2010-000018" }, { "db": "PACKETSTORM", "id": "89581" }, { "db": "NVD", "id": "CVE-2010-1942" }, { "db": "CNNVD", "id": "CNNVD-201005-254" } ] }, "id": "VAR-201005-0181", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "5f166280-1fb9-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2010-0882" } ], "trust": 0.9674242500000001 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "5f166280-1fb9-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2010-0882" } ] }, "last_update_date": "2023-12-18T13:09:53.025000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "JVN#90248889", "trust": 0.8, "url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-90248889.html" }, { "title": "Fujitsu Interstage Application Server Servlet Component Security Patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/416" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-0882" }, { "db": "JVNDB", "id": "JVNDB-2010-000018" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2010-1942" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "http://www.securityfocus.com/bid/40189" }, { "trust": 2.6, "url": "http://jvn.jp/en/jp/jvn90248889/index.html" }, { "trust": 2.5, "url": "http://secunia.com/advisories/39803" }, { "trust": 2.5, "url": "http://osvdb.org/64703" }, { "trust": 2.5, "url": "http://www.vupen.com/english/advisories/2010/1165" }, { "trust": 2.1, "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201001e.html" }, { "trust": 1.7, "url": "http://software.fujitsu.com/jp/security/vulnerabilities/jvn-90248889.html" }, { "trust": 1.7, "url": "http://jvndb.jvn.jp/ja/contents/2010/jvndb-2010-000018.html" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58634" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1942" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1942" }, { "trust": 0.6, "url": "http://jvn.jp/jp/jvn90248889/index.htmlhttp" }, { "trust": 0.3, "url": "http://www.fujitsu.com/global/services/software/interstage/apserver/" }, { "trust": 0.3, "url": "http://jvn.jp/jp/jvn90248889/index.html" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "http://secunia.com/company/jobs/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/39803/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-0882" }, { "db": "VULMON", "id": "CVE-2010-1942" }, { "db": "BID", "id": "40189" }, { "db": "JVNDB", "id": "JVNDB-2010-000018" }, { "db": "PACKETSTORM", "id": "89581" }, { "db": "NVD", "id": "CVE-2010-1942" }, { "db": "CNNVD", "id": "CNNVD-201005-254" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "5f166280-1fb9-11e6-abef-000c29c66e3d" }, { "db": "CNVD", "id": "CNVD-2010-0882" }, { "db": "VULMON", "id": "CVE-2010-1942" }, { "db": "BID", "id": "40189" }, { "db": "JVNDB", "id": "JVNDB-2010-000018" }, { "db": "PACKETSTORM", "id": "89581" }, { "db": "NVD", "id": "CVE-2010-1942" }, { "db": "CNNVD", "id": "CNNVD-201005-254" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2010-05-17T00:00:00", "db": "IVD", "id": "5f166280-1fb9-11e6-abef-000c29c66e3d" }, { "date": "2010-05-17T00:00:00", "db": "CNVD", "id": "CNVD-2010-0882" }, { "date": "2010-05-19T00:00:00", "db": "VULMON", "id": "CVE-2010-1942" }, { "date": "2010-05-17T00:00:00", "db": "BID", "id": "40189" }, { "date": "2010-05-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2010-000018" }, { "date": "2010-05-18T11:50:54", "db": "PACKETSTORM", "id": "89581" }, { "date": "2010-05-19T12:08:04.507000", "db": "NVD", "id": "CVE-2010-1942" }, { "date": "2010-05-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201005-254" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2010-05-17T00:00:00", "db": "CNVD", "id": "CNVD-2010-0882" }, { "date": "2017-08-17T00:00:00", "db": "VULMON", "id": "CVE-2010-1942" }, { "date": "2015-04-13T21:02:00", "db": "BID", "id": "40189" }, { "date": "2010-05-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2010-000018" }, { "date": "2017-08-17T01:32:32.947000", "db": "NVD", "id": "CVE-2010-1942" }, { "date": "2010-05-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201005-254" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201005-254" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Fujitsu Interstage Application Server Servlet Component Security Vulnerability", "sources": [ { "db": "BID", "id": "40189" }, { "db": "CNNVD", "id": "CNNVD-201005-254" } ], "trust": 0.9 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "lack of information", "sources": [ { "db": "CNNVD", "id": "CNNVD-201005-254" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.