CVE-2005-0905 - Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search

CVE-2005-0905

Summary

Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property.

References

Vulnerable Configurations

cpe:2.3:a:maxthon:maxthon:1.2:*:*:*:*:*:*:*
cpe:2.3:a:maxthon:maxthon:1.2:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:H/Au:N/C:P/I:N/A:N

refmap via4

bid	12898
fulldisc	20050325 Maxthon browser search bar information disclosure
misc	http://forum.maxthon.com/forum/index.php?showtopic=18207 http://www.raffon.net/advisories/maxthon/searchbarid.html
secunia	14712

Last major update

18-10-2016 - 03:15

Published

02-05-2005 - 04:00

Last modified

18-10-2016 - 03:15