PT-2008-3809 · Apple · Webobjects+1
Publicado
2008-07-14
·
Atualizado
2017-08-08
·
CVE-2008-2318
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Apple Xcode tools versions prior to 3.1
Description:
The issue concerns the WOHyperlink implementation in WebObjects, which appends local session IDs to generated non-local URLs. This allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs.
Recommendations:
For versions prior to 3.1, update to version 3.1 or later to resolve the issue.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Webobjects
Xcode