NVD

Id
47941  
Name
CVE-2009-0612  
Description
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 3.x and InterScan Web Security Suite (IWSS) 3.x, when basic authorization is enabled on the standalone proxy, forwards the Proxy-Authorization header from Windows Media Player, which allows remote web servers to obtain credentials by offering a media stream and then capturing this header.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-07  
Published
2009-02-17  
Modified Date
2009-02-18  
Seq
2009-0612  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
240371 47941 CVE-2009-0612 20090209 Trend micro - IWSVA/IWSS - Authorization module password leak  View
240372 47941 CVE-2009-0612 33687  View
240373 47941 CVE-2009-0612 1021716  View
240374 47941 CVE-2009-0612 interscan-proxyauthorization-info-disc(48681)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
40405 JVNDB-2009-001411 Trend Micro InterScan Web Security Virtual Appliance (IWSVA) および InterScan Web Security Suite (IWSS) における情報漏洩の脆弱性 Trend Micro InterScan Web Security Virtual Appliance (IWSVA) および InterScan Web Security Suite (IWSS) には、ベーシック認証がスタンドアロンプロキシ上で有効な場合、 Windows Media Player から Proxy-Authorization ヘッダを転送するため、情報漏洩の脆弱性が存在します。 CVE-2009-0612 38043 CVE-2009-0612 47941 4.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001411.html 2009-02-17 2009-06-30 View