CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-5120

The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.1%

CVSS Severity

CVSS v2 Score 4.3

References

http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850
http://www.websense.com/support/article/t-kbarticle/v7-Apache-Tomcat-security-vulnerabilities-1258048503850

Products affected by CVE-2009-5120

Websense » Websense Web Filter » Version: 7.0

cpe:2.3:a:websense:websense_web_filter:7.0
Websense » Websense Web Security » Version: 7.0

cpe:2.3:a:websense:websense_web_security:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-5120

Products

Pricing

Contact Us