Lucene search

[email protected]NVD:CVE-2010-2274

HistoryJun 15, 2010 - 2:30 p.m.

CVE-2010-2274

2010-06-1514:30:01

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.4%

JSON

Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, util/buildscripts/jslib/buildUtil.js, and util/doh/runner.html.

Affected configurations

NVD

Node

dojotoolkitdojoMatch1.0

dojotoolkitdojoMatch1.0.1

dojotoolkitdojoMatch1.0.2

dojotoolkitdojoMatch1.1

dojotoolkitdojoMatch1.1.1

dojotoolkitdojoMatch1.2

dojotoolkitdojoMatch1.2.1

dojotoolkitdojoMatch1.2.2

dojotoolkitdojoMatch1.2.3

dojotoolkitdojoMatch1.3

dojotoolkitdojoMatch1.3.1

dojotoolkitdojoMatch1.3.2

dojotoolkitdojoMatch1.4

dojotoolkitdojoMatch1.4.1

References

dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/

secunia.com/advisories/38964

secunia.com/advisories/40007

www-01.ibm.com/support/docview.wss?uid=swg21431472

www-1.ibm.com/support/docview.wss?uid=swg1LO50833

www-1.ibm.com/support/docview.wss?uid=swg1LO50849

www-1.ibm.com/support/docview.wss?uid=swg1LO50856

www-1.ibm.com/support/docview.wss?uid=swg1LO50896

www-1.ibm.com/support/docview.wss?uid=swg1LO50932

www-1.ibm.com/support/docview.wss?uid=swg1LO50958

www-1.ibm.com/support/docview.wss?uid=swg1LO50994

www.vupen.com/english/advisories/2010/1281

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.4%

JSON

Related for NVD:CVE-2010-2274

cve1 prion1 cvelist1 osv1 ubuntucve1 github1 debiancve1 openvas4