Vulnerability Description
InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote attackers to obtain the source code for a web page via a trailing encoded space character in a URI, as demonstrated by /index.html%20 and /index.php%20 URIs.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intervations | Navicopa Web Server | <= 3.0.1.2 |
Related Weaknesses (CWE)
References
- http://freetexthost.com/n5l0h34pxcURL Repurposed
- http://osvdb.org/58949
- http://pocoftheday.blogspot.com/2009/10/navicopa-web-server-3012-remote-source.h
- http://secunia.com/advisories/37014Vendor Advisory
- http://www.packetstormsecurity.org/0910-exploits/navicopa-disclose.txtExploit
- http://www.securityfocus.com/bid/36705Exploit
- http://www.vupen.com/english/advisories/2009/2927Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53799
- http://freetexthost.com/n5l0h34pxcURL Repurposed
- http://osvdb.org/58949
- http://pocoftheday.blogspot.com/2009/10/navicopa-web-server-3012-remote-source.h
- http://secunia.com/advisories/37014Vendor Advisory
- http://www.packetstormsecurity.org/0910-exploits/navicopa-disclose.txtExploit
- http://www.securityfocus.com/bid/36705Exploit
- http://www.vupen.com/english/advisories/2009/2927Vendor Advisory
FAQ
What is CVE-2009-4529?
CVE-2009-4529 is a vulnerability with a CVSS score of 5.0 (MEDIUM). InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote attackers to obtain the source code for a web page via a trailing encoded space character in a URI, as demonstrated by /index.html%20...
How severe is CVE-2009-4529?
CVE-2009-4529 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-4529?
Check the references section above for vendor advisories and patch information. Affected products include: Intervations Navicopa Web Server.