CVE-2011-2158 in SmarterStats情報

要約

〜によって MITRE

The SmarterTools SmarterStats 6.0 web server sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving (1) Admin/frmSite.aspx, (2) Admin/frmSites.aspx, (3) Admin/frmViewReports.aspx, (4) App_Themes/AboutThisFolder.txt, (5) Client/frmViewReports.aspx, (6) Temp/AboutThisFolder.txt, (7) default.aspx, (8) login.aspx, or (9) certain .jpg URIs under Temp/. NOTE: it is possible that only clients, not the SmarterStats product, could be affected by this issue.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

予約する

2011年05月20日

モデレーション

承諾済み

エントリ

VDB-57497

CWE

不明

EPSS

0.04384

アクティビティ

非常低い

ソース

Do you need the next level of professionalism?

Upgrade your account now!