Lucene search

[email protected]CVE-2009-3452

HistorySep 29, 2009 - 3:30 p.m.

CVE-2009-3452

2009-09-2915:30:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2009-3452

webcoremodule.ashx

radactive i-load

sensitive information

vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.2%

JSON

WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allows remote attackers to obtain sensitive information via unspecified requests that trigger responses containing the saved-image folder pathname.

Affected configurations

NVD

Node

radactivei-loadRange≤2008.2.4.0

radactivei-loadMatch1.6.3

radactivei-loadMatch1.6.3.1

radactivei-loadMatch1.6.3.2

radactivei-loadMatch1.6.3.3

radactivei-loadMatch1.7.0.0

radactivei-loadMatch1.7.0.1

radactivei-loadMatch1.7.0.2

radactivei-loadMatch1.7.0.3

radactivei-loadMatch1.7.0.4

radactivei-loadMatch1.7.0.5

radactivei-loadMatch1.7.0.6

radactivei-loadMatch1.7.0.7

radactivei-loadMatch1.7.0.8

radactivei-loadMatch1.7.0.9

radactivei-loadMatch1.7.0.10

radactivei-loadMatch1.7.0.11

radactivei-loadMatch1.7.0.12

radactivei-loadMatch1.7.5.0

radactivei-loadMatch1.7.5.1

radactivei-loadMatch1.7.5.2

radactivei-loadMatch1.7.6.0

radactivei-loadMatch1.7.6.1

radactivei-loadMatch1.7.7.0

radactivei-loadMatch1.7.7.1

radactivei-loadMatch1.7.7.2

radactivei-loadMatch1.7.7.3

radactivei-loadMatch1.7.7.4

radactivei-loadMatch1.7.7.5

radactivei-loadMatch1.7.7.6

radactivei-loadMatch1.7.7.8

radactivei-loadMatch1.7.7.9

radactivei-loadMatch1.7.7.11

radactivei-loadMatch2008.1.0.0

radactivei-loadMatch2008.1.0.1

radactivei-loadMatch2008.1.0.2

radactivei-loadMatch2008.1.1.0

radactivei-loadMatch2008.1.2.0

radactivei-loadMatch2008.1.2.1

radactivei-loadMatch2008.1.3.0

radactivei-loadMatch2008.2.1.0

radactivei-loadMatch2008.2.1.1

radactivei-loadMatch2008.2.2.0

radactivei-loadMatch2008.2.3.0

radactivei-loadMatch2008.2.3.1

radactivei-loadMatch2008.2.3.2

CPENameOperatorVersion
radactive:i-loadradactive i-loadle2008.2.4.0
radactive:i-loadradactive i-loadeq1.6.3
radactive:i-loadradactive i-loadeq1.6.3.1
radactive:i-loadradactive i-loadeq1.6.3.2
radactive:i-loadradactive i-loadeq1.6.3.3
radactive:i-loadradactive i-loadeq1.7.0.0
radactive:i-loadradactive i-loadeq1.7.0.1
radactive:i-loadradactive i-loadeq1.7.0.2
radactive:i-loadradactive i-loadeq1.7.0.3
radactive:i-loadradactive i-loadeq1.7.0.4

CPE	Name	Operator	Version
radactive:i-load	radactive i-load	le	2008.2.4.0
radactive:i-load	radactive i-load	eq	1.6.3
radactive:i-load	radactive i-load	eq	1.6.3.1
radactive:i-load	radactive i-load	eq	1.6.3.2
radactive:i-load	radactive i-load	eq	1.6.3.3
radactive:i-load	radactive i-load	eq	1.7.0.0
radactive:i-load	radactive i-load	eq	1.7.0.1
radactive:i-load	radactive i-load	eq	1.7.0.2
radactive:i-load	radactive i-load	eq	1.7.0.3
radactive:i-load	radactive i-load	eq	1.7.0.4

Rows per page:

1-10 of 461

References

radnet.radactive.com/forum/Default.aspx?g=posts&t=339

secunia.com/advisories/23807

www.osvdb.org/58194

www.securityfocus.com/archive/1/506555/100/0/threaded

www.sec-consult.com/files/20090917-0_RADactive_I-Load_Multiple_Vulnerabilities.txt

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.2 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.2%

JSON

Related for CVE-2009-3452

cvelist1 nvd1 prion1