Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4751

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-4751
Last Modified 31 Jan 2012 11:12:18
Published 16 Dec 2011 06:55:11
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4751

Summary

SmarterTools SmarterStats 6.2.4100 generates web pages containing external links in response to GET requests with query strings for frmGettingStarted.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (1) web-server access logs or (2) web-server Referer logs, related to a "cross-domain Referer leakage" issue.

Vulnerable Systems

Application

  • Smartertools Smarterstats 6.2.4100


References

MISC - http://xss.cx/examples/exploits/stored-reflected-xss-cwe79-smarterstats624100.html

XF - smartertools-smarterstats-fgs-info-disc(72203)


Last Updated: 27 May 2016 10:57:16