← Retour aux CVEs
CVE-2009-1202
N/ADescription
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705.
Details CVE
Score CVSS v3.1N/A
Publie6/25/2009
Derniere modification4/23/2026
Sourcenvd
Observations honeypot0
Produits affectes
cisco:adaptive_security_appliance
Faiblesses (CWE)
CWE-79
References
http://secunia.com/advisories/35511(cve@mitre.org)
http://www.securityfocus.com/archive/1/504516/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/35480(cve@mitre.org)
http://www.securitytracker.com/id?1022457(cve@mitre.org)
http://www.vupen.com/english/advisories/2009/1713(cve@mitre.org)
http://secunia.com/advisories/35511(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/504516/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/35480(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1022457(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/1713(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.