Lucene search

[email protected]NVD:CVE-2004-1656

HistorySep 01, 2004 - 4:00 a.m.

CVE-2004-1656

2004-09-0104:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.016

Percentile

87.6%

JSON

CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter.

Affected configurations

Nvd

Node

comersus_open_technologiescomersus_cartMatch5.0.991

VendorProductVersionCPE
comersus_open_technologiescomersus_cart5.0.991cpe:2.3:a:comersus_open_technologies:comersus_cart:5.0.991:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
comersus_open_technologies	comersus_cart	5.0.991	cpe:2.3:a:comersus_open_technologies:comersus_cart:5.0.991:::::::*

References

marc.info/?l=bugtraq&m=109405777905519&w=2

www.securityfocus.com/bid/11083

exchange.xforce.ibmcloud.com/vulnerabilities/17201

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.016

Percentile

87.6%

JSON

Related for NVD:CVE-2004-1656

exploitdb1 cvelist1 cve1