Vulnerability Description
The Web Editor in Dassault Systemes ENOVIA SmarTeam V5 before Release 18 Service Pack 8, and possibly CATIA and other products, allows remote authenticated users to read the profile card of an object in the document class via a link that is sent from the owner of the document object.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 3Ds | Enovia Smarteam | <= 5.18 |
| Ibm | Catia | <= 5.18 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/34037Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1HD80332Vendor Advisory
- http://www.securityfocus.com/bid/33895
- http://www.vupen.com/english/advisories/2009/0525Vendor Advisory
- http://secunia.com/advisories/34037Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1HD80332Vendor Advisory
- http://www.securityfocus.com/bid/33895
- http://www.vupen.com/english/advisories/2009/0525Vendor Advisory
FAQ
What is CVE-2009-0809?
CVE-2009-0809 is a vulnerability with a CVSS score of 3.5 (LOW). The Web Editor in Dassault Systemes ENOVIA SmarTeam V5 before Release 18 Service Pack 8, and possibly CATIA and other products, allows remote authenticated users to read the profile card of an object ...
How severe is CVE-2009-0809?
CVE-2009-0809 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0809?
Check the references section above for vendor advisories and patch information. Affected products include: 3Ds Enovia Smarteam, Ibm Catia.