CVE-2009-0347
Summary
| CVE | CVE-2009-0347 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2009-01-29 19:30:00 UTC |
| Updated | 2017-08-08 01:33:00 UTC |
| Description | Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter. |
Risk And Classification
Problem Types: CWE-59
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Sunbelt Blog: The constant stream of Ultraseek redirects to malware | MISC | sunbeltblog.blogspot.com | |
| www.ultraseek.com/forums/thread.jspa | MISC | www.ultraseek.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Autonomy Ultraseek 'cs.html' URI Redirection Vulnerability | BID | www.securityfocus.com | |
| US-CERT Vulnerability Note VU#202753 - Autonomy Ultraseek URL redirection vulnerability | CERT-VN | www.kb.cert.org | US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.