Lucene search

[email protected]NVD:CVE-2009-2192

HistoryAug 06, 2009 - 4:30 p.m.

CVE-2009-2192

2009-08-0616:30:00

CWE-255

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.8%

JSON

MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete credentials upon signout from the preference pane, which makes it easier for attackers to hijack a MobileMe session via unspecified vectors, related to a “logic issue.”

Affected configurations

NVD

Node

applemac_os_xMatch10.5.6

applemac_os_xMatch10.5

applemac_os_xMatch10.5.0

applemac_os_xMatch10.5.1

applemac_os_xMatch10.5.2

applemac_os_xMatch10.5.22008-002

applemac_os_xMatch10.5.3

applemac_os_xMatch10.5.4

applemac_os_xMatch10.5.5

applemac_os_xMatch10.5.6

applemac_os_xMatch10.5.7

applemac_os_x_serverMatch10.5

applemac_os_x_serverMatch10.5.0

applemac_os_x_serverMatch10.5.1

applemac_os_x_serverMatch10.5.2

applemac_os_x_serverMatch10.5.3

applemac_os_x_serverMatch10.5.4

applemac_os_x_serverMatch10.5.5

applemac_os_x_serverMatch10.5.6

applemac_os_x_serverMatch10.5.7

References

lists.apple.com/archives/security-announce/2009/Aug/msg00001.html

osvdb.org/56839

secunia.com/advisories/36096

support.apple.com/kb/HT3757

www.securityfocus.com/bid/35954

www.us-cert.gov/cas/techalerts/TA09-218A.html

www.vupen.com/english/advisories/2009/2172

exchange.xforce.ibmcloud.com/vulnerabilities/52432

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.8%

JSON

Related for NVD:CVE-2009-2192

cvelist1 cve1 prion1 securityvulns2 seebug1 nessus2 openvas2