Lucene search

MitreCVE-2005-1732

HistoryMay 24, 2005 - 4:00 a.m.

CVE-2005-1732

2005-05-2404:00:00

mitre

web.nvd.nist.gov

cookie cart

vulnerability

testmy.cgi

remote attackers

order notification list

security

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.008

Percentile

81.5%

JSON

Cookie Cart allows remote attackers to read the Order Notification list via the testmycgi and path parameters to testmy.cgi.

Affected configurations

Nvd

Node

metro_marketingcookie_cart

VendorProductVersionCPE
metro_marketingcookie_cart*cpe:2.3:a:metro_marketing:cookie_cart:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
metro_marketing	cookie_cart	*	cpe:2.3:a:metro_marketing:cookie_cart::::::::

References

marc.info/?l=bugtraq&m=111686721022831&w=2

secunia.com/advisories/15448

securitytracker.com/id?1014026

www.soulblack.com.ar/repo/papers/cookiec_advisory.txt

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.008

Percentile

81.5%

JSON

Related for CVE-2005-1732