Lucene search
HistoryJul 14, 2008 - 6:41 p.m.
CVE-2008-2318
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
5.4 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.8%
The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs.
Affected configurations
Node
applexcodeMatch1.5
ORapplexcodeMatch2.2
ORapplexcode_toolsRangeβ€3.0
ORapplexcode_toolsMatch1.0
ORapplexcode_toolsMatch2.0
ORapplexcode_toolsMatch2.1
ORapplexcode_toolsMatch2.2.1
ORapplexcode_toolsMatch2.3
ORapplexcode_toolsMatch2.4
ORapplexcode_toolsMatch2.4.1
ORapplexcode_toolsMatch2.5
Related
seebug
seebug
Apple Xcode WebObjects WOHyperlinkδΏ‘ζ―ζ³ι²ζΌζ΄
2008-07-14 00:00:00
cve
cve
CVE-2008-2318
2008-07-14 18:41:00
prion
prion
Information disclosure
2008-07-14 18:41:00
cvelist
cvelist
CVE-2008-2318
2008-07-14 18:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
5.4 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.8%
Related for NVD:CVE-2008-2318