Nokia Electronic Documentation连接重定向漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1107484 漏洞类型 未知
发布时间 2003-09-15 更新时间 2003-10-06
CVE编号 CVE-2003-0803 CNNVD-ID CNNVD-200310-002
漏洞平台 Windows CVSS评分 7.5

A vulnerability has been discovered in Nokia Electronic Documentation (NED) that may allow an attacker to redirect connections to a third party system. The problem likely occurs due to the NED server failing to sufficiently verify hosts provided within specific HTTP requests. As a result, an attacker may be capable of making a request that would cause data to be redirected to a third party system.

This may allow an attacker to interact with an otherwise inaccessible system, or potentially hide the origin of attacks launched against other targets.
Nokia Electronic Documentation 5.0