CVE-2009-0804 in Ziproxyinformazioni

Riassunto

di MITRE

Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

04/03/2009

Divulgazione

04/03/2009

Moderazione

accettato

Voce

VDB-46950

CPE

pronto

CWE

CWE-264 (confermato)

CVSS

5.4 (NVD)

EPSS

0.02376

KEV

Attività

molto basso

Settore

Energy, Insurance, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2009-0804
NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-0804
CVE Details	https://www.cvedetails.com/cve/CVE-2009-0804/

◂ Precedente Visione D'ensemble Il prossimo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!