CVE-2011-4751
Published Dec 16, 2011
Last updated 7 years ago
Overview
- Description
- SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:smartertools:smarterstats:6.2.4100:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B4A097E-CD4A-4B8A-8704-877DDAA7D872"
}
],
"operator": "OR"
}
]
}
]