Lucene search
MitreCVE-2009-1752HistoryMay 22, 2009 - 11:52 a.m.
CVE-2009-1752
2009-05-2211:52:39
CWE-264
mitre
web.nvd.nist.gov
22
exjune office message system
remote access
privilege escalation
cve-2009-1752
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
Low
EPSS
0.019
Percentile
88.7%
exJune Office Message System 1 does not properly restrict access to (1) configure.asp and (2) addmessage2.asp, which allows remote attackers to gain privileges a direct request. NOTE: some of these details are obtained from third party information.
Affected configurations
Node
exjuneoffice_message_systemMatch1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| exjune | office_message_system | 1 | cpe:2.3:a:exjune:office_message_system:1:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2009-1752
2009-05-22 11:52:39
prion
prion
Information disclosure
2009-05-22 11:52:00
cvelist
cvelist
CVE-2009-1752
2009-05-21 18:00:00
exploitdb
exploitdb
Exjune Officer Message System 1 - Multiple Vulnerabilities
2009-05-20 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
Low
EPSS
0.019
Percentile
88.7%
Related for CVE-2009-1752