PT-2007-7345 · Realnetworks+1 · Realplayer+1

Mrhinkydink

Publicado

2007-12-21

Atualizado

2018-10-15

CVE-2007-6511

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Websense Enterprise version 6.3.1

Description The issue allows remote attackers to bypass content filtering. This can be achieved by visiting HTTP URLs with specific User-Agent headers, including (1) RealPlayer G2, (2) MSMSGS, or (3) StoneHttpAgent, resulting in a Non-HTTP categorization.

Recommendations For Websense Enterprise version 6.3.1, consider restricting access to HTTP URLs with the specified User-Agent headers as a temporary workaround until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-6511

Produtos afetados

Realplayer

Websense Enterprise

PT-2007-7345 · Realnetworks+1 · Realplayer+1

CVE-2007-6511

Identificadores relacionados

Produtos afetados

Referências · 10