Vulnerability Details CVE-2008-6298
Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass intended access restrictions for character encoding and the cookie secure flag via unknown vectors related to the "HTTP header rewrite function."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://jvn.jp/en/jp/JVN67060882/index.html
- http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000076.html
- http://rocketeer.dip.jp/sanaki/free/free100.htm
- http://secunia.com/advisories/32581
- http://www.securityfocus.com/bid/32247
- http://www.vupen.com/english/advisories/2008/3105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46516
- http://jvn.jp/en/jp/JVN67060882/index.html
- http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000076.html
- http://rocketeer.dip.jp/sanaki/free/free100.htm
- http://secunia.com/advisories/32581
- http://www.securityfocus.com/bid/32247
- http://www.vupen.com/english/advisories/2008/3105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46516
Products affected by CVE-2008-6298
-
cpe:2.3:a:rocketeer.dip:sisapilocation:*
-
cpe:2.3:a:rocketeer.dip:sisapilocation:1.0.1.3
-
cpe:2.3:a:rocketeer.dip:sisapilocation:1.0.1.4