Описание
The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs.
The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-2318
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43735
- http://lists.apple.com/archives/security-announce//2008/Jul/msg00002.html
- http://secunia.com/advisories/31060
- http://support.apple.com/kb/HT2352
- http://www.securityfocus.com/bid/30191
- http://www.securitytracker.com/id?1020473
- http://www.vupen.com/english/advisories/2008/2093/references
Связанные уязвимости
nvd
больше 17 лет назад
The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs.