CVE-2011-2158 in SmarterStatsजानकारी

सारांश

द्वारा MITRE

The SmarterTools SmarterStats 6.0 web server sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving (1) Admin/frmSite.aspx, (2) Admin/frmSites.aspx, (3) Admin/frmViewReports.aspx, (4) App_Themes/AboutThisFolder.txt, (5) Client/frmViewReports.aspx, (6) Temp/AboutThisFolder.txt, (7) default.aspx, (8) login.aspx, or (9) certain .jpg URIs under Temp/. NOTE: it is possible that only clients, not the SmarterStats product, could be affected by this issue.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

आरक्षित करना

20/05/2011

प्रकटीकरण

20/05/2011

प्रविष्टि

VDB-57497

EPSS

0.04384

गतिविधियाँ

बहुत कम

स्रोत

Do you want to use VulDB in your project?

Use the official API to access entries easily!