CVE-2005-3634 in Web Application Serverinfo

Summary

frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to log users out and redirect them to arbitrary web sites via a close command in the sap-sessioncmd parameter and a URL in the sap-exiturl parameter.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

11/16/2005

Disclosure

11/16/2005

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-601 (Unconfirmed)

Exploit

Download

CVSS

5.3

EPSS

0.01653

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-3634
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3634
CVE Details	https://www.cvedetails.com/cve/CVE-2005-3634/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!