Lucene search

[email protected]NVD:CVE-2010-1273

HistoryApr 06, 2010 - 4:30 p.m.

CVE-2010-1273

2010-04-0616:30:00

CWE-20

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.5%

JSON

Emweb Wt before 3.1.1 does not validate the UTF-8 encoding of (1) form values and (2) JSignal arguments, which has unspecified impact and remote attack vectors.

Affected configurations

NVD

Node

emwebwtRange≤3.1.0

emwebwtMatch1.1.4

emwebwtMatch1.1.5

emwebwtMatch1.1.6

emwebwtMatch1.1.7

emwebwtMatch2.0.0

emwebwtMatch2.0.1

emwebwtMatch2.0.4

emwebwtMatch2.0.4a

emwebwtMatch2.0.5

emwebwtMatch2.1.0

emwebwtMatch2.1.1

emwebwtMatch2.1.2

emwebwtMatch2.1.3

emwebwtMatch2.1.4

emwebwtMatch2.1.5

emwebwtMatch2.2.0

emwebwtMatch2.2.1

emwebwtMatch2.2.2

emwebwtMatch2.2.3

emwebwtMatch2.99.0

emwebwtMatch2.99.1

emwebwtMatch2.99.2

emwebwtMatch2.99.3

emwebwtMatch2.99.4

emwebwtMatch2.99.5

emwebwtMatch3.0.0

References

secunia.com/advisories/38759

www.osvdb.org/62717

www.securityfocus.com/bid/38541

www.webtoolkit.eu/wt/doc/reference/html/Releasenotes.html

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.5%

JSON

Related for NVD:CVE-2010-1273

cve1 prion1 cvelist1