CVE-2003-1481

Published Dec 31, 2003

Last updated 7 years ago

Overview

Description: CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 4.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-200

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B99838A0-D980-4E0F-BFF3-9DEF998F78AB"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:3.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACA7E146-9B89-4D96-B0AF-5A7D8CF7E933"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:3.2_b5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CA2CF1F-790B-42D6-BDDA-C087A19BD291"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:3.2_b7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2284CCAA-38D8-4749-B7A3-EF9FD4CA1675"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:3.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E4802FD-52E5-4A8B-8AAB-4536A4A8AC4A"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:3.3_b1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CF0F5F5-5C71-4F60-B151-5324B62DC5DF"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:3.3_b2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E26B7CF-9DED-4CB7-BF79-910DB8D46233"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:3.4_b3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DEC5A62-2D00-4301-9EBD-B6DB9C4FD1D4"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57036FA9-D509-43F3-9C67-6E844445B278"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CFC653F-1C21-4FA4-9595-EBC396F8A9F1"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68810EB2-D964-4F65-A747-A79A9D6EDBF9"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB31AC6D-E606-4A53-9420-58B4DE8E60F4"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:4.0_b2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BF2C074-04D1-42F6-8928-B83C11CACDE7"
          },
          {
            "criteria": "cpe:2.3:a:stalker:communigate_pro:4.0_b3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDC96959-CB08-47B7-B5F6-DD03342BEC91"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References