CVE-2009-0347

{"id": "CVE-2009-0347", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2009-01-29T19:30:00.377", "references": [{"url": "http://sunbeltblog.blogspot.com/2009/01/constant-stream-of-ultraseek-redirects.html", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/202753", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/33500", "source": "cve@mitre.org"}, {"url": "http://www.ultraseek.com/forums/thread.jspa?messageID=9818", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48336", "source": "cve@mitre.org"}, {"url": "http://sunbeltblog.blogspot.com/2009/01/constant-stream-of-ultraseek-redirects.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/202753", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/33500", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ultraseek.com/forums/thread.jspa?messageID=9818", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48336", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-59"}]}], "descriptions": [{"lang": "en", "value": "Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter."}, {"lang": "es", "value": "Vulnerabilidad de redirecci\u00f3n abierta en cs.html en el motor de busqueda Autonomy (anteriormente Verity) Ultraseek que permite a atacantes remotos redirigir a los usuarios a p\u00e1ginas web de su elecci\u00f3n y producir ataques de phising a trav\u00e9s del par\u00e1metro \"url\"."}], "lastModified": "2024-11-21T00:59:41.577", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:autonomy:ultraseek:_nil_:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB6CE359-BDFF-4BA3-8D5C-C44BD522CE74"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}