Vulnerabilites related to namazu - namazu
CVE-2011-4711 (GCVE-0-2011-4711)
Vulnerability from cvelistv5
Published
2011-12-08 19:00
Modified
2024-08-07 00:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:34.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html#"
},
{
"name": "namazu-namazu-directory-traversal(71489)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html#"
},
{
"name": "namazu-namazu-directory-traversal(71489)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.namazu.org/security.html#",
"refsource": "CONFIRM",
"url": "http://www.namazu.org/security.html#"
},
{
"name": "namazu-namazu-directory-traversal(71489)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4711",
"datePublished": "2011-12-08T19:00:00",
"dateReserved": "2011-12-08T00:00:00",
"dateUpdated": "2024-08-07T00:16:34.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1318 (GCVE-0-2004-1318)
Vulnerability from cvelistv5
Published
2005-01-06 05:00
Modified
2024-08-08 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1012805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"name": "1012802",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"name": "DSA-627",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"name": "13600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13600"
},
{
"name": "namazu-tab-query-xss(18623)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"name": "12053",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12053"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "FEDORA-2004-557",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"name": "12516",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12516"
},
{
"name": "HPSBMA01212",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/9028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab (\"%09\") character, which prevents the rest of the query from being properly sanitized."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1012805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"name": "1012802",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"name": "DSA-627",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"name": "13600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13600"
},
{
"name": "namazu-tab-query-xss(18623)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"name": "12053",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12053"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "FEDORA-2004-557",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"name": "12516",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12516"
},
{
"name": "HPSBMA01212",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/advisories/9028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab (\"%09\") character, which prevents the rest of the query from being properly sanitized."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1012805",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"name": "1012802",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"name": "DSA-627",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"name": "13600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13600"
},
{
"name": "namazu-tab-query-xss(18623)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
},
{
"name": "http://www.namazu.org/security.html.en#xss-tab",
"refsource": "CONFIRM",
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"name": "12053",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12053"
},
{
"name": "SUSE-SR:2005:001",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "FEDORA-2004-557",
"refsource": "FEDORA",
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"name": "http://jvn.jp/jp/JVN%23904429FE.html",
"refsource": "MISC",
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"name": "12516",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12516"
},
{
"name": "HPSBMA01212",
"refsource": "HP",
"url": "http://www.securityfocus.com/advisories/9028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1318",
"datePublished": "2005-01-06T05:00:00",
"dateReserved": "2005-01-03T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1468 (GCVE-0-2008-1468)
Vulnerability from cvelistv5
Published
2008-03-24 21:00
Modified
2024-08-07 08:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMA02525",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SUSE-SR:2008:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"name": "29561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29561"
},
{
"name": "31687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31687"
},
{
"name": "FEDORA-2008-2678",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"name": "HPSBMA02492",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "28380",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28380"
},
{
"name": "JVN#00892830",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"name": "FEDORA-2008-2767",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
},
{
"name": "39645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39645"
},
{
"name": "namazu-character-encoding-xss(41360)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html.en"
},
{
"name": "29386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29386"
},
{
"name": "SSRT100083",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SSRT100079",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBMA02525",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SUSE-SR:2008:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"name": "29561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29561"
},
{
"name": "31687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31687"
},
{
"name": "FEDORA-2008-2678",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"name": "HPSBMA02492",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "28380",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28380"
},
{
"name": "JVN#00892830",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"name": "FEDORA-2008-2767",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
},
{
"name": "39645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39645"
},
{
"name": "namazu-character-encoding-xss(41360)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html.en"
},
{
"name": "29386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29386"
},
{
"name": "SSRT100083",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SSRT100079",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1468",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMA02525",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SUSE-SR:2008:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"name": "29561",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29561"
},
{
"name": "31687",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31687"
},
{
"name": "FEDORA-2008-2678",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"name": "HPSBMA02492",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "28380",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28380"
},
{
"name": "JVN#00892830",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"name": "FEDORA-2008-2767",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
},
{
"name": "39645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39645"
},
{
"name": "namazu-character-encoding-xss(41360)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"name": "http://www.namazu.org/security.html.en",
"refsource": "CONFIRM",
"url": "http://www.namazu.org/security.html.en"
},
{
"name": "29386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29386"
},
{
"name": "SSRT100083",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SSRT100079",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1468",
"datePublished": "2008-03-24T21:00:00",
"dateReserved": "2008-03-24T00:00:00",
"dateUpdated": "2024-08-07T08:24:42.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1350 (GCVE-0-2001-1350)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 04:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-07-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2001:162",
"refsource": "REDHAT",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html",
"refsource": "MISC",
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1350",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-06-02T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5028 (GCVE-0-2009-5028)
Vulnerability from cvelistv5
Published
2011-11-30 02:00
Modified
2024-08-07 07:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:53.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.59.8.28\u0026r2=1.59.8.29\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50772",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756341"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.77.2.8\u0026r2=1.77.2.9\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.86\u0026r2=1.87\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T10:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.59.8.28\u0026r2=1.59.8.29\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50772",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756341"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.77.2.8\u0026r2=1.77.2.9\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.86\u0026r2=1.87\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-5028",
"datePublished": "2011-11-30T02:00:00",
"dateReserved": "2010-12-09T00:00:00",
"dateUpdated": "2024-08-07T07:24:53.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4345 (GCVE-0-2011-4345)
Vulnerability from cvelistv5
Published
2011-11-30 02:00
Modified
2024-08-07 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:01:51.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756348"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50771",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50771"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html#cross-site-scripting"
},
{
"name": "46925",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46925"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T10:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756348"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50771",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50771"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html#cross-site-scripting"
},
{
"name": "46925",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46925"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4345",
"datePublished": "2011-11-30T02:00:00",
"dateReserved": "2011-11-04T00:00:00",
"dateUpdated": "2024-08-07T00:01:51.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1352 (GCVE-0-2001-1352)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 04:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020109 Details on the updated namazu packages that are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5691"
},
{
"name": "20011227 Re: [RHSA-2001:162-04] Updated namazu packages are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"name": "RHSA-2001:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020109 Details on the updated namazu packages that are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5691"
},
{
"name": "20011227 Re: [RHSA-2001:162-04] Updated namazu packages are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"name": "RHSA-2001:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020109 Details on the updated namazu packages that are available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"name": "linux-namazu-css(7875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5691",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5691"
},
{
"name": "20011227 Re: [RHSA-2001:162-04] Updated namazu packages are available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"name": "RHSA-2001:179",
"refsource": "REDHAT",
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1352",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-06-02T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1351 (GCVE-0-2001-1351)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 04:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5690",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5690"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5690",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5690"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2001:162",
"refsource": "REDHAT",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "linux-namazu-css(7875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5690",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5690"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1351",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-06-02T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2001-11-25 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&w=2&r=1&s=namazu&q=b | ||
| cve@mitre.org | http://search.namazu.org/ml/namazu-devel-ja/msg02114.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&w=2&r=1&s=namazu&q=b | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://search.namazu.org/ml/namazu-devel-ja/msg02114.html |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57EAE8EC-B5E2-45A6-87C3-15A88AA384C8",
"versionEndIncluding": "2.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter."
}
],
"id": "CVE-2001-1350",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-11-25T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"source": "cve@mitre.org",
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-24 21:44
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 | ||
| cve@mitre.org | http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 | ||
| cve@mitre.org | http://jvn.jp/jp/JVN%2300892830/index.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=127239985506823&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=127239985506823&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/29386 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29561 | ||
| cve@mitre.org | http://secunia.com/advisories/31687 | ||
| cve@mitre.org | http://secunia.com/advisories/39645 | ||
| cve@mitre.org | http://www.namazu.org/security.html.en | ||
| cve@mitre.org | http://www.securityfocus.com/bid/28380 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/41360 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/jp/JVN%2300892830/index.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=127239985506823&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=127239985506823&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29386 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29561 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31687 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/39645 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.namazu.org/security.html.en | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28380 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41360 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7652498D-C86D-4457-AE11-99CD320DFCDA",
"versionEndIncluding": "2.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2AAE7466-56A5-4FBF-8F28-F33150FA2713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9E6345-F6AF-4AC4-B9A5-54EDAB3E49CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F17EB317-5BCF-4756-8F1E-FD3303BBC662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "71C4F1F4-53D0-4EE4-8F6C-171E9B43A942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7E70426F-C511-4582-BF05-448CCFB52607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8FB99CD9-3892-4F06-AE5A-66741CE8201F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5AC101-DF8C-4517-9F46-64E4201D2D9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en namazu.cgi de Namazu antes de 2.0.18 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de una entrada codificada con UTF-7, relacionada con un fallo al establecer el conjunto de caracteres, un vector distinto a CVE-2004-1318 y CVE-2001-1350. NOTA: alguno de estos detalles se han obtenido de informaci\u00f3n de terceros."
}
],
"id": "CVE-2008-1468",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-03-24T21:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29386"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29561"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31687"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/39645"
},
{
"source": "cve@mitre.org",
"url": "http://www.namazu.org/security.html.en"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28380"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.namazu.org/security.html.en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-11-30 04:05
Modified
2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://secunia.com/advisories/46925 | Vendor Advisory | |
| secalert@redhat.com | http://www.namazu.org/security.html#cross-site-scripting | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/50771 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=756348 | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46925 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.namazu.org/security.html#cross-site-scripting | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/50771 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=756348 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| namazu | namazu | * | |
| namazu | namazu | 2.0 | |
| namazu | namazu | 2.0.2 | |
| namazu | namazu | 2.0.12 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.14 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.16 | |
| namazu | namazu | 2.0.17 | |
| namazu | namazu | 2.0.18 | |
| namazu | namazu | 2.0.19 | |
| microsoft | internet_explorer | 6 | |
| microsoft | internet_explorer | 7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DABD090-5AD7-4C71-915A-E5380FA9BC87",
"versionEndIncluding": "2.0.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9E6345-F6AF-4AC4-B9A5-54EDAB3E49CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F17EB317-5BCF-4756-8F1E-FD3303BBC662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "71C4F1F4-53D0-4EE4-8F6C-171E9B43A942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7E70426F-C511-4582-BF05-448CCFB52607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8FB99CD9-3892-4F06-AE5A-66741CE8201F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5AC101-DF8C-4517-9F46-64E4201D2D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7CD2D7C9-9A19-4122-B2EF-EF7F53AC58C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C77F8A22-1EF7-4C39-B220-0E459EB7E9C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "33892F22-3F37-4D0A-8108-215397470880",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados XSS en Namazu antes de v2.0.21, cuando se usa Internet Explorer 6 o 7, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de una cookie."
}
],
"id": "CVE-2011-4345",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-11-30T04:05:58.717",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46925"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html#cross-site-scripting"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/50771"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756348"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46925"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html#cross-site-scripting"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-12-08 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.namazu.org/security.html# | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/71489 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.namazu.org/security.html# | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/71489 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| namazu | namazu | * | |
| namazu | namazu | 0.1.0 | |
| namazu | namazu | 0.1.1 | |
| namazu | namazu | 0.1.2 | |
| namazu | namazu | 0.1.3 | |
| namazu | namazu | 0.1.4 | |
| namazu | namazu | 0.2.0 | |
| namazu | namazu | 0.2.1 | |
| namazu | namazu | 0.2.2 | |
| namazu | namazu | 0.3.0 | |
| namazu | namazu | 0.3.1 | |
| namazu | namazu | 0.3.2 | |
| namazu | namazu | 0.3.3 | |
| namazu | namazu | 1.0.0 | |
| namazu | namazu | 1.0.1 | |
| namazu | namazu | 1.0.2 | |
| namazu | namazu | 1.0.3 | |
| namazu | namazu | 1.0.4 | |
| namazu | namazu | 1.0.4a | |
| namazu | namazu | 1.0.4b | |
| namazu | namazu | 1.1.0 | |
| namazu | namazu | 1.1.0a | |
| namazu | namazu | 1.1.1 | |
| namazu | namazu | 1.1.1.1 | |
| namazu | namazu | 1.1.1.2 | |
| namazu | namazu | 1.1.1.3 | |
| namazu | namazu | 1.1.1.4 | |
| namazu | namazu | 1.1.1.5 | |
| namazu | namazu | 1.1.2 | |
| namazu | namazu | 1.1.2.1 | |
| namazu | namazu | 1.1.2.2 | |
| namazu | namazu | 1.1.2.3 | |
| namazu | namazu | 1.1.2.4 | |
| namazu | namazu | 1.1.2.5 | |
| namazu | namazu | 1.2.0 | |
| namazu | namazu | 1.2.0.1 | |
| namazu | namazu | 1.2.0.2 | |
| namazu | namazu | 1.2.0.3 | |
| namazu | namazu | 1.2.0.4 | |
| namazu | namazu | 1.2.0.5 | |
| namazu | namazu | 1.2.1.0 | |
| namazu | namazu | 1.2.1.0 | |
| namazu | namazu | 1.2.1.0 | |
| namazu | namazu | 1.2.1.0 | |
| namazu | namazu | 1.2.1.0 | |
| namazu | namazu | 1.2.1.0 | |
| namazu | namazu | 1.2.1.0 | |
| namazu | namazu | 1.2.1.0 | |
| namazu | namazu | 1.2.1.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.0 | |
| namazu | namazu | 1.3.0.1 | |
| namazu | namazu | 1.3.0.1 | |
| namazu | namazu | 1.3.0.2 | |
| namazu | namazu | 1.3.1.0 | |
| namazu | namazu | 1.3.1.0 | |
| namazu | namazu | 1.3.1.0 | |
| namazu | namazu | 1.3.1.0 | |
| namazu | namazu | 1.3.1.0 | |
| namazu | namazu | 1.3.1.0 | |
| namazu | namazu | 1.3.1.0 | |
| namazu | namazu | 1.3.1.0 | |
| namazu | namazu | 1.3.1.0 | |
| namazu | namazu | 1.3.1.0 | |
| namazu | namazu | 1.3.1.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 1.4.0.0 | |
| namazu | namazu | 2.0 | |
| namazu | namazu | 2.0.1 | |
| namazu | namazu | 2.0.2 | |
| namazu | namazu | 2.0.3 | |
| namazu | namazu | 2.0.4 | |
| namazu | namazu | 2.0.5 | |
| namazu | namazu | 2.0.6 | |
| namazu | namazu | 2.0.6 | |
| namazu | namazu | 2.0.6 | |
| namazu | namazu | 2.0.6 | |
| namazu | namazu | 2.0.6 | |
| namazu | namazu | 2.0.6 | |
| namazu | namazu | 2.0.6 | |
| namazu | namazu | 2.0.6 | |
| namazu | namazu | 2.0.6 | |
| namazu | namazu | 2.0.6 | |
| namazu | namazu | 2.0.6 | |
| namazu | namazu | 2.0.7 | |
| namazu | namazu | 2.0.7 | |
| namazu | namazu | 2.0.7 | |
| namazu | namazu | 2.0.7 | |
| namazu | namazu | 2.0.8 | |
| namazu | namazu | 2.0.8 | |
| namazu | namazu | 2.0.9 | |
| namazu | namazu | 2.0.9 | |
| namazu | namazu | 2.0.10 | |
| namazu | namazu | 2.0.10 | |
| namazu | namazu | 2.0.10 | |
| namazu | namazu | 2.0.11 | |
| namazu | namazu | 2.0.11 | |
| namazu | namazu | 2.0.11 | |
| namazu | namazu | 2.0.11 | |
| namazu | namazu | 2.0.11 | |
| namazu | namazu | 2.0.12 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.16 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:rc3:*:*:*:*:*:*",
"matchCriteriaId": "647040BF-8800-406B-870A-3FA2AF972E54",
"versionEndIncluding": "2.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED6AA51-FAF2-462F-8C7D-4BC7138C552D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75571060-1953-4C8F-83A0-804618CB101A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F99DF35-76D9-49F6-A69F-0A7C23163146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D71EFDED-EBAB-43B3-A8B3-BD0C36D33470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4F3040D0-809A-47C6-BA23-5B29FB1E19F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCCDF60-6F98-4753-B3F0-FA73BE089462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "77EDE590-3BA5-4930-8733-0CE3A8DE84CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A51A084F-E73B-4339-9D07-74ED21991755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB24B37-8C3B-4351-BBF7-DBCDAB8D4CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B0902F-BF0B-4CA2-A5DD-9DCCBFD3ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A118BAB-B300-4442-9790-CEDC1F22A04C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD58F5BF-B770-430D-9440-22FDCC3B7C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54583C9C-480A-4024-803F-DAE339CD6ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "86D29749-1E41-4C6A-AE91-E24419832A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6F56924D-049D-4BE1-8CE8-8FB43D6F0EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3941646A-CC93-4318-A892-4CDD0CCCDE59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8D61E65F-BC0C-4DF1-8B6A-FF8B83D58E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "C7977CFD-BE97-4347-9AD5-8A5DA41FE9D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "B41DC8AE-4D32-456A-8800-C6B68DCEF41B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF9D1A68-9980-4259-80F3-AE66F0046028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "B4ABD1BC-BB87-44D9-9297-9F3B08C0998A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BA26197-2BF7-4F2A-B8B7-3029E14E649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "417C4C57-EC28-4454-AF4E-BC9BD1BCC3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "43E392EC-B137-4146-AA4C-B0B6239D129D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3E89D545-F9A0-4FA4-9C2E-602F6C27AC19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1541C341-F25C-4299-B6B3-A6604D877512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20F3AF09-AE3A-4BB4-A815-EA873926C11C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34127CEC-68C4-4339-96AA-F88764E42916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFE49F2-820F-49F4-891B-05FD874E2EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDEB067-EFE8-4B3E-83C7-7AFE44A1210B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8C4014-553D-43B9-81A3-8C461CD282F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "84D13743-91B5-46B2-8E29-77E1C5B4AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48C510B7-C653-47BC-890B-23D19DA57948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3169073-F2D2-42E7-A54A-6A576CB26FC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD5F6C2-B112-46A4-9519-57D3063C60A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0454EB1A-F893-4A19-A782-A50BFEB0D10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "68F32FE9-0929-42BF-839B-95755C599A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EB488A-475D-443D-AD1C-D933FE5450F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0.5:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D8EFDF9F-2696-49B6-8BE3-17AC91FB8FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta10:*:*:*:*:*:*",
"matchCriteriaId": "BC76135E-22F3-4BE4-8018-20ADB47E8716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta11:*:*:*:*:*:*",
"matchCriteriaId": "E8FB7F11-6C58-4841-876B-CF81E10388FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta12:*:*:*:*:*:*",
"matchCriteriaId": "00E7E029-C623-4EC6-AD3A-81D39E7148CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta13:*:*:*:*:*:*",
"matchCriteriaId": "68AAAE67-6C4D-4F67-BC52-370A3C5DD1F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "93C53A17-1A82-41BF-B3DA-7E683C3C3145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "33ECA260-54B9-41CC-A930-C0E5B4FD1E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "0D9C7A66-C7CB-44CF-A77E-E1646FF225F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "F837573C-5A04-4B45-A1F7-D5913D482578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta9:*:*:*:*:*:*",
"matchCriteriaId": "3B94F15C-63A6-4751-8ADD-50E032BCA8A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9255B365-7271-4D25-AAEA-3BF85324BFD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D0688B5C-EC2D-452B-8911-E84FAC131963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta10:*:*:*:*:*:*",
"matchCriteriaId": "D022F695-727E-4CF9-BFE4-801D12C90FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta11:*:*:*:*:*:*",
"matchCriteriaId": "639D8490-46A9-4BD8-90C1-2B7B4D9144C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta12:*:*:*:*:*:*",
"matchCriteriaId": "6A2E4079-F036-4F6A-AB4C-37F2B3EBCF76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta13:*:*:*:*:*:*",
"matchCriteriaId": "4C386377-286E-4539-B1F1-37CE267D109C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1AF30437-19F6-420C-9DEC-AC6D422A78AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "1C5C79E4-C1C9-458F-B321-8977B2AD7507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "B8F92354-4323-4986-9DBA-FF0148CB2426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "E79C5C51-35D6-4453-B60B-BDBD142A1B45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "6E6CA0EC-B8AD-4E60-AD79-9B689D7249C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "E9EE4A36-0B53-4BAA-842F-CBC26BB9224E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "A71EAF55-962F-4A64-BD5F-133F2758001E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta9:*:*:*:*:*:*",
"matchCriteriaId": "7E3B5823-9C2A-47AF-AECE-F2B0411FEDB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "60ADCB9F-C1E6-4364-A2C2-5DECF6D71EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.1:beta1:*:*:*:*:*:*",
"matchCriteriaId": "7E52FE67-FD0E-4A39-9102-8CA4D05E054B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E3076B-BF75-4781-9C72-93B49CEC0439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "4C77A20A-756E-4A11-9193-452B5547B69A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha10:*:*:*:*:*:*",
"matchCriteriaId": "54EEBEEE-94C0-4E2B-9D58-427F5FB62FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha11:*:*:*:*:*:*",
"matchCriteriaId": "D16BC6EC-0161-4D83-83D5-65FA505E4339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "C36AA4D5-0427-4A6D-BFC4-E5E68CBB02D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "B627CB30-F161-474E-AC66-1E8DD133356F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "522F4743-636D-40E7-AFF9-034E68FBA74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "19489F29-F621-45FF-8810-54F2413C05C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "95676E74-A204-4FD1-B5A5-87F9DF9B6E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha7:*:*:*:*:*:*",
"matchCriteriaId": "D5B4F1EF-2223-4606-B9D4-B8ADFBF05639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha8:*:*:*:*:*:*",
"matchCriteriaId": "240351EC-3746-4C54-883F-4D21FCAC5A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha9:*:*:*:*:*:*",
"matchCriteriaId": "C4E98888-8ABC-42C7-BE63-659E0354537E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5E006BEC-AACC-41AB-8104-254F82AFEF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "33FC9475-5F83-4790-876E-BE88079AF3F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "9C9C23AB-D29E-479B-B86A-86137360C8F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "DC127763-919D-43C4-B4AC-B10E4F01589D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "272B3D4E-E195-45C9-8734-8B0F610AE70D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2FAF-085F-49B7-9BEC-6415E6FE6664",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha7:*:*:*:*:*:*",
"matchCriteriaId": "D406BABF-2507-4D82-9606-0DF0C14D2C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "79C27BE4-317C-4475-84DE-E53D0D8FBBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "F81A55FB-7449-43D4-B76C-14B34F06C25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "1CBB07DF-E579-452E-94C6-F4B38BDAD327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "5E1C7A14-88A1-44CE-A1C9-A02D8DA9E388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "B045FAD4-11AF-4ED8-A99F-022247DCEFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "98C1182D-17B4-4A9C-91FE-6DE55C7E975F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "8172FBA0-3C33-45F3-B688-73918AC280D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "EF12E60A-45F7-4F0C-BB47-72460F4AEAA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9E6345-F6AF-4AC4-B9A5-54EDAB3E49CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53E1A065-5E2B-42B0-813F-F1A750099BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F17EB317-5BCF-4756-8F1E-FD3303BBC662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD212F26-EB20-45BC-BF9D-AB5B5FCF72FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC21E6A1-B191-415C-8E6C-03DF9ED40323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BAB0EA-8AB0-413D-B039-7C5D59C33B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3F986C7F-6FC5-4420-B56B-DEAF39F74B20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:pre1:*:*:*:*:*:*",
"matchCriteriaId": "828FB8F9-6A58-42E3-8806-1A2923C5039D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:pre2:*:*:*:*:*:*",
"matchCriteriaId": "B3F03670-7A88-456A-86F7-5B56AC6D75A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:pre3:*:*:*:*:*:*",
"matchCriteriaId": "110C3AC4-8063-4303-8B29-D5BD3639E727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BF297FF5-4D06-46E6-A394-3F497B2D0C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DEE982F4-4C18-4665-B14A-528728E26D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6C1FA5C0-18E0-4B69-9964-7DCA62045CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3616525D-3D21-4B02-964E-23A0F36E0A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc5:*:*:*:*:*:*",
"matchCriteriaId": "6368A560-9837-425A-8999-E17E474F6855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc6:*:*:*:*:*:*",
"matchCriteriaId": "80E4D352-3CA3-4954-BFED-BF7F534B0279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc7:*:*:*:*:*:*",
"matchCriteriaId": "085D4514-0EDD-4A7F-9150-4D8B6187F98D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DEE8D199-8F49-478E-B5A7-4901F11446FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.7:pre1:*:*:*:*:*:*",
"matchCriteriaId": "62CAA242-D414-4B36-B920-95153E8513F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.7:pre2:*:*:*:*:*:*",
"matchCriteriaId": "37D5F95A-D44B-4719-9B7A-8AD9BB9F7C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.7:pre3:*:*:*:*:*:*",
"matchCriteriaId": "4AC0D8BD-6F6C-4F1E-B0A9-76ED623665D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "694F5F25-3A11-47C8-9007-B9E6BEFAC0ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.8:pre1:*:*:*:*:*:*",
"matchCriteriaId": "6F53ADBF-0064-49C6-AAA5-C3D67D288C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "68E61791-8FFC-4352-9239-E9385F295688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8D3B4FCB-5BFE-424C-9499-4549FC571BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8F327931-C7FE-41B4-8D2C-27B1D8B8C6F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "DD0C7C25-479C-42EE-A462-E9ADE97EFF17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4BEA3E27-ADF8-41E3-8E32-F7B05C90DDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "429D214D-1833-4B93-A496-BFCEF996987E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.11:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8B124E14-2F62-466B-83DF-DD9FAEC030F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.11:pre2:*:*:*:*:*:*",
"matchCriteriaId": "1C66D997-1C5C-4245-AAFB-391A76A21E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.11:pre3:*:*:*:*:*:*",
"matchCriteriaId": "56C58C12-1172-4330-BBA8-AE9923308E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.11:pre4:*:*:*:*:*:*",
"matchCriteriaId": "43B6ED25-B499-405D-BCA5-2C2B8940C135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "71C4F1F4-53D0-4EE4-8F6C-171E9B43A942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre3:*:*:*:*:*:*",
"matchCriteriaId": "ACD71903-ABF4-4B6E-B8D2-5E4A470018B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre4:*:*:*:*:*:*",
"matchCriteriaId": "9B189415-ECC5-4D65-9B35-8E1F021765A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre5:*:*:*:*:*:*",
"matchCriteriaId": "E8E1665D-861E-4222-AE2B-B6A0BB640E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre6:*:*:*:*:*:*",
"matchCriteriaId": "39C1262E-398E-4665-9BA9-773F015F9E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre7:*:*:*:*:*:*",
"matchCriteriaId": "C3B9F413-0083-4BFB-9B58-5A9100B50C25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre8:*:*:*:*:*:*",
"matchCriteriaId": "6E8B3AE7-5C21-4039-875B-1729461AC4C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0A177F30-0DDC-4F20-827D-50597880BA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "FA5D24E0-2009-47A7-A3FB-F1F8AA51BACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "22106008-3B79-4A7F-A9B8-10A02D6C471B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3015B051-6C82-4ED3-986F-C0E8857ED15B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8FB99CD9-3892-4F06-AE5A-66741CE8201F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:pre1:*:*:*:*:*:*",
"matchCriteriaId": "6D28CA51-03D6-4B0F-8ABE-056CD79622C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:pre2:*:*:*:*:*:*",
"matchCriteriaId": "903F925B-D6B3-43F4-B57E-40D718038B20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:pre3:*:*:*:*:*:*",
"matchCriteriaId": "5B44DFDC-4D3F-4F03-8D70-E7C7DDEC2921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2A8EB959-1522-4EE3-B350-864CA8BFB3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A25B292C-8476-4395-ADE8-EFBE01B5B0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17A338BB-ACBC-4F63-A44A-83E3758370B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:rc3:*:*:*:*:*:*",
"matchCriteriaId": "36D71068-D159-4231-A6FE-FD38D22F6D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2D7B6E95-933A-4254-9AB1-876A37D6D6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:rc5:*:*:*:*:*:*",
"matchCriteriaId": "78847126-2207-4B1D-B395-36F81AEEF468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.16:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17E25825-9873-44F7-AA8C-F3B2C621472A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de salto de directorio en namazu.cgi en Namazu antes de v2.0.16 permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de ..(punto punto) en el par\u00e1metro (1) lang o (2) result"
}
],
"id": "CVE-2011-4711",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-12-08T19:55:05.890",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html#"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html#"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-06 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://jvn.jp/jp/JVN%23904429FE.html | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/13600 | ||
| cve@mitre.org | http://securitytracker.com/alerts/2005/Jan/1012802.html | ||
| cve@mitre.org | http://securitytracker.com/alerts/2005/Jan/1012805.html | ||
| cve@mitre.org | http://www.debian.org/security/2005/dsa-627 | Vendor Advisory | |
| cve@mitre.org | http://www.linuxsecurity.com/content/view/117604/102/ | ||
| cve@mitre.org | http://www.namazu.org/security.html.en#xss-tab | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2005_01_sr.html | ||
| cve@mitre.org | http://www.osvdb.org/12516 | ||
| cve@mitre.org | http://www.securityfocus.com/advisories/9028 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/12053 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/18623 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/jp/JVN%23904429FE.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/13600 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/alerts/2005/Jan/1012802.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/alerts/2005/Jan/1012805.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-627 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linuxsecurity.com/content/view/117604/102/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.namazu.org/security.html.en#xss-tab | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2005_01_sr.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/12516 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/advisories/9028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/12053 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/18623 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DEE8D199-8F49-478E-B5A7-4901F11446FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "694F5F25-3A11-47C8-9007-B9E6BEFAC0ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab (\"%09\") character, which prevents the rest of the query from being properly sanitized."
}
],
"id": "CVE-2004-1318",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13600"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"source": "cve@mitre.org",
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/12516"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/advisories/9028"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/12053"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/12516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/advisories/9028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-11-30 04:05
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://cvs.namazu.org/namazu/src/result.c?sortdir=down&r1=1.59.8.28&r2=1.59.8.29&sortby=log | Patch | |
| secalert@redhat.com | http://cvs.namazu.org/namazu/src/result.c?sortdir=down&r1=1.77.2.8&r2=1.77.2.9&sortby=log | Patch | |
| secalert@redhat.com | http://cvs.namazu.org/namazu/src/result.c?sortdir=down&r1=1.86&r2=1.87&sortby=log | Patch | |
| secalert@redhat.com | http://www.namazu.org/security.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/50772 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=756341 | Patch | |
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cvs.namazu.org/namazu/src/result.c?sortdir=down&r1=1.59.8.28&r2=1.59.8.29&sortby=log | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cvs.namazu.org/namazu/src/result.c?sortdir=down&r1=1.77.2.8&r2=1.77.2.9&sortby=log | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cvs.namazu.org/namazu/src/result.c?sortdir=down&r1=1.86&r2=1.87&sortby=log | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.namazu.org/security.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/50772 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=756341 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CFC363B-2848-4DB3-9C1C-BCB4D595B8E8",
"versionEndIncluding": "2.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9E6345-F6AF-4AC4-B9A5-54EDAB3E49CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F17EB317-5BCF-4756-8F1E-FD3303BBC662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "71C4F1F4-53D0-4EE4-8F6C-171E9B43A942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7E70426F-C511-4582-BF05-448CCFB52607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8FB99CD9-3892-4F06-AE5A-66741CE8201F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5AC101-DF8C-4517-9F46-64E4201D2D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7CD2D7C9-9A19-4122-B2EF-EF7F53AC58C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C77F8A22-1EF7-4C39-B220-0E459EB7E9C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en la pila en Namazu anterior a v2.0.20 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de peticiones manipuladas que contiene un campo de la URI vac\u00edo."
}
],
"id": "CVE-2009-5028",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-11-30T04:05:58.327",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.59.8.28\u0026r2=1.59.8.29\u0026sortby=log"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.77.2.8\u0026r2=1.77.2.9\u0026sortby=log"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.86\u0026r2=1.87\u0026sortby=log"
},
{
"source": "secalert@redhat.com",
"url": "http://www.namazu.org/security.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/50772"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756341"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.59.8.28\u0026r2=1.59.8.29\u0026sortby=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.77.2.8\u0026r2=1.77.2.9\u0026sortby=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.86\u0026r2=1.87\u0026sortby=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.namazu.org/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-12-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=100947261916155&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=101060476404565&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=101068116016472&w=2 | ||
| cve@mitre.org | http://www.osvdb.org/5691 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/7875 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=100947261916155&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=101060476404565&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=101068116016472&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/5691 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/7875 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC217CB-23A3-457D-81B5-368B62F06E0E",
"versionEndIncluding": "2.0.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter."
}
],
"id": "CVE-2001-1352",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5691"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-12-25 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&w=2&r=1&s=namazu&q=b | ||
| cve@mitre.org | http://www.osvdb.org/5690 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/7875 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&w=2&r=1&s=namazu&q=b | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/5690 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/7875 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B63CB3EF-BFDD-43A9-A997-7DB29F121EF0",
"versionEndIncluding": "2.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers."
}
],
"id": "CVE-2001-1351",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-25T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5690"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}