ID CVE-2005-1108
Summary The ij_untrusted_url function in JunkBuster 2.0.2-r2, with single-threaded mode enabled, allows remote attackers to overwrite the referrer field via a crafted HTTP request.
References
Vulnerable Configurations
  • cpe:2.3:a:junkbuster:internet_junkbuster:2.0.2_r2:*:*:*:*:*:*:*
    cpe:2.3:a:junkbuster:internet_junkbuster:2.0.2_r2:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 13147
debian DSA-713
gentoo GLSA-200504-11
misc http://bugs.gentoo.org/show_bug.cgi?id=88537
osvdb 15502
secunia 14932
xf junkbuster-ijuntrustedurl-gain-access(20093)
Last major update 11-07-2017 - 01:32
Published 02-05-2005 - 04:00
Last modified 11-07-2017 - 01:32
Back to Top