Lucene search

[email protected]CVE-2007-2907

HistoryMay 30, 2007 - 10:30 a.m.

CVE-2007-2907

2007-05-3010:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-2907

ssl-explorer

vulnerability

remote authentication

redirect urls

xss

http headers

nvd

4.9 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.5%

JSON

Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote authenticated users to enter redirect URLs containing (1) JavaScript or (2) HTTP headers via an unspecified vector, possibly the forwardTo parameter to redirect.do. NOTE: the impact might be cross-site scripting (XSS) or HTTP request smuggling.

Affected configurations

NVD

Node

ssl-explorerssl-explorerRange≤0.2.12

CPENameOperatorVersion
ssl-explorer:ssl-explorerssl-explorerle0.2.12

CPE	Name	Operator	Version
ssl-explorer:ssl-explorer	ssl-explorer	le	0.2.12

References

osvdb.org/36913

osvdb.org/36915

secunia.com/advisories/25512

sourceforge.net/forum/forum.php?forum_id=690648

www.securityfocus.com/bid/24319

www.vupen.com/english/advisories/2007/2057

4.9 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

5.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.5%

JSON

Related for CVE-2007-2907

cvelist2 prion2 nvd2 cve1