CVE-2010-1273 - OpenCVE

Emweb Wt before 3.1.1 does not validate the UTF-8 encoding of (1) form values and (2) JSignal arguments, which has unspecified impact and remote attack vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Emweb	Wt

Configuration 1 [-]

OR	cpe:2.3:a:emweb:wt::::::::
	cpe:2.3:a:emweb:wt:1.1.4:::::::*
	cpe:2.3:a:emweb:wt:1.1.5:::::::*
	cpe:2.3:a:emweb:wt:1.1.6:::::::*
	cpe:2.3:a:emweb:wt:1.1.7:::::::*
	cpe:2.3:a:emweb:wt:2.0.0:::::::*
	cpe:2.3:a:emweb:wt:2.0.1:::::::*
	cpe:2.3:a:emweb:wt:2.0.4:::::::*
	cpe:2.3:a:emweb:wt:2.0.4a:::::::*
	cpe:2.3:a:emweb:wt:2.0.5:::::::*
	cpe:2.3:a:emweb:wt:2.1.0:::::::*
	cpe:2.3:a:emweb:wt:2.1.1:::::::*
	cpe:2.3:a:emweb:wt:2.1.2:::::::*
	cpe:2.3:a:emweb:wt:2.1.3:::::::*
	cpe:2.3:a:emweb:wt:2.1.4:::::::*
	cpe:2.3:a:emweb:wt:2.1.5:::::::*
	cpe:2.3:a:emweb:wt:2.2.0:::::::*
	cpe:2.3:a:emweb:wt:2.2.1:::::::*
	cpe:2.3:a:emweb:wt:2.2.2:::::::*
	cpe:2.3:a:emweb:wt:2.2.3:::::::*
	cpe:2.3:a:emweb:wt:2.99.0:::::::*
	cpe:2.3:a:emweb:wt:2.99.1:::::::*
	cpe:2.3:a:emweb:wt:2.99.2:::::::*
	cpe:2.3:a:emweb:wt:2.99.3:::::::*
	cpe:2.3:a:emweb:wt:2.99.4:::::::*
	cpe:2.3:a:emweb:wt:2.99.5:::::::*
	cpe:2.3:a:emweb:wt:3.0.0:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/38759
http://www.osvdb.org/62717
http://www.securityfocus.com/bid/38541
http://www.webtoolkit.eu/wt/doc/reference/html/Releasenotes.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-04-06T16:00:00Z

Updated: 2024-09-16T22:01:54.078Z

Reserved: 2010-04-06T00:00:00Z

Link: CVE-2010-1273

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2010-04-06T16:30:00.813

Modified: 2010-06-07T04:00:00.000

Link: CVE-2010-1273

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Emweb Wt before 3.1.1 does not validate the UTF-8 encoding of (1) form values and (2) JSignal arguments, which has unspecified impact and remote attack vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-04-06T16:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.webtoolkit.eu/wt/doc/reference/html/Releasenotes.html"}, {"name": "62717", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/62717"}, {"name": "38759", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38759"}, {"name": "38541", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38541"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-1273", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Emweb Wt before 3.1.1 does not validate the UTF-8 encoding of (1) form values and (2) JSignal arguments, which has unspecified impact and remote attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.webtoolkit.eu/wt/doc/reference/html/Releasenotes.html", "refsource": "CONFIRM", "url": "http://www.webtoolkit.eu/wt/doc/reference/html/Releasenotes.html"}, {"name": "62717", "refsource": "OSVDB", "url": "http://www.osvdb.org/62717"}, {"name": "38759", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38759"}, {"name": "38541", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38541"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:21:17.691Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.webtoolkit.eu/wt/doc/reference/html/Releasenotes.html"}, {"name": "62717", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/62717"}, {"name": "38759", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/38759"}, {"name": "38541", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/38541"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-1273", "datePublished": "2010-04-06T16:00:00Z", "dateReserved": "2010-04-06T00:00:00Z", "dateUpdated": "2024-09-16T22:01:54.078Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:emweb:wt:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F3C465D-B79A-4158-9228-ED4A6061032C", "versionEndIncluding": "3.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "C873F145-6DE2-47B0-8DCB-CBD8786E3EE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "D6368A2B-2C1B-430D-9A93-03DD5A36ADAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "3A17F008-CEBC-4D48-B181-8531FF07454B", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "DC94BBDD-8B6A-4526-A377-7417FA1B4178", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C2C8EA2-64FB-46ED-A7F4-1C1A28F78FC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A10C733-695D-42AC-A21D-2A9D7B829FD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "64525B2B-E8B0-4D0D-93FF-D427C2109BFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.0.4a:*:*:*:*:*:*:*", "matchCriteriaId": "D7500DEA-1641-4DBD-AD1F-65C0FAE92BF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8C2A4E0E-44CB-4F4C-BD15-91AA8CA1E3FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2914EEC6-BE5D-4185-92B8-5038546012A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F9BEA216-4EA2-4966-9510-8350C1F78B8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F68E528D-4DD9-44CE-B48A-261AFB0B3889", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "375D5616-25C0-48F6-B69D-E6C455444E87", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "2836A7B3-BE8D-4CB3-8FB1-75F84B3FA382", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "18E66E57-E107-477C-BE6E-5AEC6F4D2460", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A3B8BAFF-DEE7-45AB-B6B1-6963AD071786", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F9EDD50B-B914-45C5-AA84-F28ACAEBA980", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5F6D5D49-E1B8-4E28-A2C5-306695B59A76", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "8C751462-88ED-4C16-8874-06D3F9F39B42", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.99.0:*:*:*:*:*:*:*", "matchCriteriaId": "F728D62E-65D3-48C6-B0C9-09C1F4FDF730", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.99.1:*:*:*:*:*:*:*", "matchCriteriaId": "02DEDF2B-4E73-4434-98A1-2E7325CC5BE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.99.2:*:*:*:*:*:*:*", "matchCriteriaId": "2A740FE3-D872-4F4B-9D7B-26CE2DFD415B", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.99.3:*:*:*:*:*:*:*", "matchCriteriaId": "855F5D67-A8B3-403D-91B4-55D8C6459FE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.99.4:*:*:*:*:*:*:*", "matchCriteriaId": "5DA32D57-7163-4FAD-B416-BE8D0BFBA7A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:2.99.5:*:*:*:*:*:*:*", "matchCriteriaId": "1DDD2D44-73D2-447F-ADE0-0B71F631DE21", "vulnerable": true}, {"criteria": "cpe:2.3:a:emweb:wt:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F2F24D93-83EB-4506-8BFE-350A6EF65369", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Emweb Wt before 3.1.1 does not validate the UTF-8 encoding of (1) form values and (2) JSignal arguments, which has unspecified impact and remote attack vectors."}, {"lang": "es", "value": "Emweb Wt anterior a v3.1.1 no valida correctamente la codificaci\u00f3n UTF-8 de (1) los valores del formulario y (2) de los argumentos JSignal, lo que tiene un impacto y vectores remotos de ataque no especificados."}], "id": "CVE-2010-1273", "lastModified": "2010-06-07T04:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-04-06T16:30:00.813", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38759"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/62717"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/38541"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.webtoolkit.eu/wt/doc/reference/html/Releasenotes.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}