CVE-2011-0545 - Vulnerability Details

Vendors	Products
Symantec	Liveupdate Administrator

Link	Providers
http://secunia.com/advisories/43820
http://securityreason.com/securityalert/8160
http://securitytracker.com/id?1025242
http://sotiriu.de/adv/NSOADV-2011-001.txt
http://www.exploit-db.com/exploits/17026
http://www.osvdb.org/71261
http://www.securityfocus.com/archive/1/517109/100/0/threaded
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00
http://www.vupen.com/english/advisories/2011/0727
https://exchange.xforce.ibmcloud.com/vulnerabilities/66213

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-03-21T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "43820", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43820"}, {"name": "symantec-lua-gui-csrf(66213)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66213"}, {"name": "71261", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/71261"}, {"tags": ["x_refsource_MISC"], "url": "http://sotiriu.de/adv/NSOADV-2011-001.txt"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00"}, {"name": "17026", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/17026"}, {"name": "8160", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8160"}, {"name": "ADV-2011-0727", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0727"}, {"name": "1025242", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1025242"}, {"name": "20110322 NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/517109/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-0545", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "43820", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43820"}, {"name": "symantec-lua-gui-csrf(66213)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66213"}, {"name": "71261", "refsource": "OSVDB", "url": "http://www.osvdb.org/71261"}, {"name": "http://sotiriu.de/adv/NSOADV-2011-001.txt", "refsource": "MISC", "url": "http://sotiriu.de/adv/NSOADV-2011-001.txt"}, {"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00", "refsource": "CONFIRM", "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00"}, {"name": "17026", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/17026"}, {"name": "8160", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8160"}, {"name": "ADV-2011-0727", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0727"}, {"name": "1025242", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1025242"}, {"name": "20110322 NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/517109/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:58:26.012Z"}, "title": "CVE Program Container", "references": [{"name": "43820", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43820"}, {"name": "symantec-lua-gui-csrf(66213)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66213"}, {"name": "71261", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/71261"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://sotiriu.de/adv/NSOADV-2011-001.txt"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00"}, {"name": "17026", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/17026"}, {"name": "8160", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8160"}, {"name": "ADV-2011-0727", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0727"}, {"name": "1025242", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1025242"}, {"name": "20110322 NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/517109/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-0545", "datePublished": "2011-03-28T16:00:00", "dateReserved": "2011-01-20T00:00:00", "dateUpdated": "2024-08-06T21:58:26.012Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2011-03-21T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole parameter. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-10-09T18:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : 43820 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/43820 (string)

}

1 : { »

name : symantec-lua-gui-csrf(66213) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/66213 (string)

}

2 : { »

name : 71261 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://www.osvdb.org/71261 (string)

}

3 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://sotiriu.de/adv/NSOADV-2011-001.txt (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00 (string)

}

5 : { »

name : 17026 (string)

tags : [ »

0 : exploit (string)

1 : x_refsource_EXPLOIT-DB (string)

]

url : http://www.exploit-db.com/exploits/17026 (string)

}

6 : { »

name : 8160 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SREASON (string)

]

url : http://securityreason.com/securityalert/8160 (string)

}

7 : { »

name : ADV-2011-0727 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2011/0727 (string)

}

8 : { »

name : 1025242 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://securitytracker.com/id?1025242 (string)

}

9 : { »

name : 20110322 NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://www.securityfocus.com/archive/1/517109/100/0/threaded (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2011-0545 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole parameter. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 43820 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/43820 (string)

}

1 : { »

name : symantec-lua-gui-csrf(66213) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/66213 (string)

}

2 : { »

name : 71261 (string)

refsource : OSVDB (string)

url : http://www.osvdb.org/71261 (string)

}

3 : { »

name : http://sotiriu.de/adv/NSOADV-2011-001.txt (string)

refsource : MISC (string)

url : http://sotiriu.de/adv/NSOADV-2011-001.txt (string)

}

4 : { »

name : http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00 (string)

refsource : CONFIRM (string)

url : http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00 (string)

}

5 : { »

name : 17026 (string)

refsource : EXPLOIT-DB (string)

url : http://www.exploit-db.com/exploits/17026 (string)

}

6 : { »

name : 8160 (string)

refsource : SREASON (string)

url : http://securityreason.com/securityalert/8160 (string)

}

7 : { »

name : ADV-2011-0727 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2011/0727 (string)

}

8 : { »

name : 1025242 (string)

refsource : SECTRACK (string)

url : http://securitytracker.com/id?1025242 (string)

}

9 : { »

name : 20110322 NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability (string)

refsource : BUGTRAQ (string)

url : http://www.securityfocus.com/archive/1/517109/100/0/threaded (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T21:58:26.012Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 43820 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/43820 (string)

}

1 : { »

name : symantec-lua-gui-csrf(66213) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/66213 (string)

}

2 : { »

name : 71261 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://www.osvdb.org/71261 (string)

}

3 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://sotiriu.de/adv/NSOADV-2011-001.txt (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00 (string)

}

5 : { »

name : 17026 (string)

tags : [ »

0 : exploit (string)

1 : x_refsource_EXPLOIT-DB (string)

2 : x_transferred (string)

]

url : http://www.exploit-db.com/exploits/17026 (string)

}

6 : { »

name : 8160 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SREASON (string)

2 : x_transferred (string)

]

url : http://securityreason.com/securityalert/8160 (string)

}

7 : { »

name : ADV-2011-0727 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2011/0727 (string)

}

8 : { »

name : 1025242 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://securitytracker.com/id?1025242 (string)

}

9 : { »

name : 20110322 NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/517109/100/0/threaded (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2011-0545 (string)

datePublished : 2011-03-28T16:00:00 (string)

dateReserved : 2011-01-20T00:00:00 (string)

dateUpdated : 2024-08-06T21:58:26.012Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:liveupdate_administrator:2.2.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "6810DD57-BF79-4F38-81C5-8F2B69577E35", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole parameter."}, {"lang": "es", "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en adduser.do de Symantec LiveUpdate Administrator (LUA) en versiones anteriores a v2.3, permite a atacantes remotos secuestrar la autenticaci\u00f3n de los administradores y posiblemente alg\u00fan otro impacto no especificado mediante el par\u00e1metro userRole .\r\n"}], "id": "CVE-2011-0545", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-03-28T16:55:04.357", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43820"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/8160"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://securitytracker.com/id?1025242"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://sotiriu.de/adv/NSOADV-2011-001.txt"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/17026"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/71261"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/517109/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0727"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66213"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43820"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/8160"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://securitytracker.com/id?1025242"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://sotiriu.de/adv/NSOADV-2011-001.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/17026"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/71261"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/517109/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0727"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66213"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:symantec:liveupdate_administrator:2.2.2.9:*:*:*:*:*:*:* (string)

matchCriteriaId : 6810DD57-BF79-4F38-81C5-8F2B69577E35 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole parameter. (string)

}

1 : { »

lang : es (string)

value : Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en adduser.do de Symantec LiveUpdate Administrator (LUA) en versiones anteriores a v2.3, permite a atacantes remotos secuestrar la autenticación de los administradores y posiblemente algún otro impacto no especificado mediante el parámetro userRole . (string)

}

]

id : CVE-2011-0545 (string)

lastModified : 2025-04-11T00:51:21.963 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6.8 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

}

published : 2011-03-28T16:55:04.357 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://secunia.com/advisories/43820 (string)

}

1 : { »

source : cve@mitre.org (string)

url : http://securityreason.com/securityalert/8160 (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

]

url : http://securitytracker.com/id?1025242 (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

]

url : http://sotiriu.de/adv/NSOADV-2011-001.txt (string)

}

4 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

]

url : http://www.exploit-db.com/exploits/17026 (string)

}

5 : { »

source : cve@mitre.org (string)

url : http://www.osvdb.org/71261 (string)

}

6 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/archive/1/517109/100/0/threaded (string)

}

7 : { »

source : cve@mitre.org (string)

url : http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00 (string)

}

8 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.vupen.com/english/advisories/2011/0727 (string)

}

9 : { »

source : cve@mitre.org (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/66213 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://secunia.com/advisories/43820 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://securityreason.com/securityalert/8160 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

]

url : http://securitytracker.com/id?1025242 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

]

url : http://sotiriu.de/adv/NSOADV-2011-001.txt (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

]

url : http://www.exploit-db.com/exploits/17026 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.osvdb.org/71261 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/archive/1/517109/100/0/threaded (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110321_00 (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.vupen.com/english/advisories/2011/0727 (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/66213 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-352 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object