CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0802

Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.5%

CVSS Severity

CVSS v2 Score 5.4

References

Products affected by CVE-2009-0802

Qbik » Wingate » Version: 6.0.0

cpe:2.3:a:qbik:wingate:6.0.0
Qbik » Wingate » Version: 6.0.1_build_993

cpe:2.3:a:qbik:wingate:6.0.1_build_993
Qbik » Wingate » Version: 6.0.1_build_995

cpe:2.3:a:qbik:wingate:6.0.1_build_995
Qbik » Wingate » Version: 6.0.2_build_1000

cpe:2.3:a:qbik:wingate:6.0.2_build_1000
Qbik » Wingate » Version: 6.0.2_build_1001

cpe:2.3:a:qbik:wingate:6.0.2_build_1001
Qbik » Wingate » Version: 6.0.3_build_1005

cpe:2.3:a:qbik:wingate:6.0.3_build_1005
Qbik » Wingate » Version: 6.1

cpe:2.3:a:qbik:wingate:6.1
Qbik » Wingate » Version: 6.1.1.1077

cpe:2.3:a:qbik:wingate:6.1.1.1077
Qbik » Wingate » Version: 6.1.2

cpe:2.3:a:qbik:wingate:6.1.2
Qbik » Wingate » Version: 6.1.3

cpe:2.3:a:qbik:wingate:6.1.3
Qbik » Wingate » Version: 6.1.4

cpe:2.3:a:qbik:wingate:6.1.4
Qbik » Wingate » Version: 6.2

cpe:2.3:a:qbik:wingate:6.2
Qbik » Wingate » Version: 6.2.1

cpe:2.3:a:qbik:wingate:6.2.1
Qbik » Wingate » Version: 6.2.2

cpe:2.3:a:qbik:wingate:6.2.2
Qbik » Wingate » Version: 6.5.2

cpe:2.3:a:qbik:wingate:6.5.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0802

Products

Pricing

Contact Us