Search criteria
1 vulnerability by imho
CVE-2002-2165 (GCVE-0-2002-2165)
Vulnerability from cvelistv5 – Published: 2005-11-16 21:17 – Updated: 2024-09-16 23:40
VLAI?
Summary
The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.595Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitybugware.org/Other/5537.html"
},
{
"name": "imho-roxen-session-hijacking(9615)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9615.php"
},
{
"name": "5238",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5238"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser\u0027s previous login session in an error page, which allows local users to read another user\u0027s inbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-16T21:17:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitybugware.org/Other/5537.html"
},
{
"name": "imho-roxen-session-hijacking(9615)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9615.php"
},
{
"name": "5238",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5238"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2165",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser\u0027s previous login session in an error page, which allows local users to read another user\u0027s inbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securitybugware.org/Other/5537.html",
"refsource": "MISC",
"url": "http://www.securitybugware.org/Other/5537.html"
},
{
"name": "imho-roxen-session-hijacking(9615)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9615.php"
},
{
"name": "5238",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5238"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2165",
"datePublished": "2005-11-16T21:17:00Z",
"dateReserved": "2005-11-16T00:00:00Z",
"dateUpdated": "2024-09-16T23:40:38.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}