CVE-2009-0962

Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI eCommerce 1.3.0 and earlier, and CGI Professional 3.2.2 and earlier, allows remote attackers to gain administrative privileges via unknown attack vectors.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://jvn.jp/en/jp/JVN84899898/index.html
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000014.html
http://osvdb.org/52527
http://secunia.com/advisories/34197	Vendor Advisory
http://www.futomi.com/library/info/2009/20090310.html	Vendor Advisory
http://www.securityfocus.com/bid/34071
https://exchange.xforce.ibmcloud.com/vulnerabilities/49179
https://exchange.xforce.ibmcloud.com/vulnerabilities/49180

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:futomi:mp_form_mail_cgi::-:ecommerce:::::
	cpe:2.3:a:futomi:mp_form_mail_cgi::-:pro:::::

History

No history.

Information

Published : 2009-03-19 00:30

Updated : 2023-12-10 10:51

NVD link : CVE-2009-0962

Mitre link : CVE-2009-0962

CVE.ORG link : CVE-2009-0962

JSON object : View

Products Affected

futomi

mp_form_mail_cgi

CWE

NVD-CWE-noinfo

{"id": "CVE-2009-0962", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2009-03-19T00:30:00.280", "references": [{"url": "http://jvn.jp/en/jp/JVN84899898/index.html", "source": "cve@mitre.org"}, {"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000014.html", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/52527", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/34197", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.futomi.com/library/info/2009/20090310.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/34071", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49179", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49180", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI eCommerce 1.3.0 and earlier, and CGI Professional 3.2.2 and earlier, allows remote attackers to gain administrative privileges via unknown attack vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Futomi's CGI Cafe MP Form Mail CGI eCommerce 1.3.0 y anteriores, y CGI Professional 3.2.2 y anteriores, permite a atacantes remotos obtener privilegios de administraci\u00f3n mediante vectores de ataque desconocidos."}], "lastModified": "2017-08-17T01:30:08.020", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:futomi:mp_form_mail_cgi:*:-:ecommerce:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDEAB009-89A1-401A-80D0-6F9E14296FC5", "versionEndIncluding": "1.3.0"}, {"criteria": "cpe:2.3:a:futomi:mp_form_mail_cgi:*:-:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5B8074E-F12B-48C6-85A0-9920B4CE19D0", "versionEndIncluding": "3.2.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}