var-200906-0257
Vulnerability from variot
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1535. An attacker can exploit this issue to gain unauthorized access to protected resources, which may lead to other attacks. This issue affects IIS 5.0. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA09-160A
Microsoft Updates for Multiple Vulnerabilities
Original release date: June 09, 2009 Last revised: -- Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Office
* Microsoft Internet Explorer
Overview
Microsoft has released updates that address vulnerabilities in Microsoft Windows, Office, and Internet Explorer.
I. Description
As part of the Microsoft Security Bulletin Summary for June 2009, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Office, and Internet Explorer.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a vulnerable application to crash.
III. Solution
Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for June 2009. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).
IV. References
-
Microsoft Security Bulletin Summary for June 2009 - http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx
-
Microsoft Windows Server Update Services - http://technet.microsoft.com/en-us/wsus/default.aspx
-
US-CERT Vulnerability Notes for Microsoft June 2009 updates - http://www.kb.cert.org/vuls/byid?searchview&query=ms09-jun
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA09-160A.html>
Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA09-160A Feedback VU#983731" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2009 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
Revision History
June 09, 2009: Initial release
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBSi7EY3IHljM+H4irAQKpUwgAqcYG1SVf4dPt7wevUx9UIKyw/RWG/wCI +ns9UEmk4Pbdu8Tj+snDsNxxOnvdUGnWzfbuBFrzexr+u3zY0BgvBQ50eaYnYyVn Iv9yxxxKfdvQEQIiPi/5gWl05k4axYdSjEYLZqNkQIj1VvqJOhCWaHKPsJZykdZq ZZLd8aFxxM7fj0RrKeorXGiApw45kP9a133EN7NRf8CvYsNKnUTMYVPC2bTaq0Jb HCjjEOwBWaP6YjqQ1laVslCHzOVpFzQnkl+IKBsoDAu1397KjwobIR340YyW6K4g ckdod5TwdG77KOcNZHAp+uQMffGOaCfqj/MFk7qEYxN7/0gJXuB8mQ== =9e4w -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200906-0257",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iis",
"scope": "eq",
"trust": 1.7,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "internet information services",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "windows 2000",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "messaging application server mm",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "messaging application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "35232"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001787"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-150"
},
{
"db": "NVD",
"id": "CVE-2009-1122"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:microsoft:iis",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:microsoft:windows_2000",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001787"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yamata Li",
"sources": [
{
"db": "BID",
"id": "35232"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-150"
}
],
"trust": 0.9
},
"cve": "CVE-2009-1122",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2009-1122",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.6,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2009-1122",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-1122",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-1122",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200906-150",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2009-1122",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-1122"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001787"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-150"
},
{
"db": "NVD",
"id": "CVE-2009-1122"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka \"IIS 5.0 WebDAV Authentication Bypass Vulnerability,\" a different vulnerability than CVE-2009-1535. \nAn attacker can exploit this issue to gain unauthorized access to protected resources, which may lead to other attacks. \nThis issue affects IIS 5.0. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n National Cyber Alert System\n\n Technical Cyber Security Alert TA09-160A\n\n\nMicrosoft Updates for Multiple Vulnerabilities\n\n Original release date: June 09, 2009\n Last revised: --\n Source: US-CERT\n\n\nSystems Affected\n\n * Microsoft Windows\n * Microsoft Office\n * Microsoft Internet Explorer\n\n\nOverview\n\n Microsoft has released updates that address vulnerabilities in\n Microsoft Windows, Office, and Internet Explorer. \n\n\nI. Description\n\n As part of the Microsoft Security Bulletin Summary for June 2009,\n Microsoft released updates to address vulnerabilities that affect\n Microsoft Windows, Office, and Internet Explorer. \n\n\nII. Impact\n\n A remote, unauthenticated attacker could execute arbitrary code,\n gain elevated privileges, or cause a vulnerable application to\n crash. \n\n\nIII. Solution\n\n Microsoft has provided updates for these vulnerabilities in the\n Microsoft Security Bulletin Summary for June 2009. The security\n bulletin describes any known issues related to the updates. \n Administrators are encouraged to note these issues and test for any\n potentially adverse effects. Administrators should consider using\n an automated update distribution system such as Windows Server\n Update Services (WSUS). \n\n\nIV. References\n\n * Microsoft Security Bulletin Summary for June 2009 -\n \u003chttp://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx\u003e\n\n * Microsoft Windows Server Update Services -\n \u003chttp://technet.microsoft.com/en-us/wsus/default.aspx\u003e\n\n * US-CERT Vulnerability Notes for Microsoft June 2009 updates -\n \u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=ms09-jun\u003e\n\n ____________________________________________________________________\n\n The most recent version of this document can be found at:\n\n \u003chttp://www.us-cert.gov/cas/techalerts/TA09-160A.html\u003e\n ____________________________________________________________________\n\n Feedback can be directed to US-CERT Technical Staff. Please send\n email to \u003ccert@cert.org\u003e with \"TA09-160A Feedback VU#983731\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2009 by US-CERT, a government organization. \n\n Terms of use:\n\n \u003chttp://www.us-cert.gov/legal.html\u003e\n ____________________________________________________________________\n\nRevision History\n \n June 09, 2009: Initial release\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (GNU/Linux)\n\niQEVAwUBSi7EY3IHljM+H4irAQKpUwgAqcYG1SVf4dPt7wevUx9UIKyw/RWG/wCI\n+ns9UEmk4Pbdu8Tj+snDsNxxOnvdUGnWzfbuBFrzexr+u3zY0BgvBQ50eaYnYyVn\nIv9yxxxKfdvQEQIiPi/5gWl05k4axYdSjEYLZqNkQIj1VvqJOhCWaHKPsJZykdZq\nZZLd8aFxxM7fj0RrKeorXGiApw45kP9a133EN7NRf8CvYsNKnUTMYVPC2bTaq0Jb\nHCjjEOwBWaP6YjqQ1laVslCHzOVpFzQnkl+IKBsoDAu1397KjwobIR340YyW6K4g\nckdod5TwdG77KOcNZHAp+uQMffGOaCfqj/MFk7qEYxN7/0gJXuB8mQ==\n=9e4w\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1122"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001787"
},
{
"db": "BID",
"id": "35232"
},
{
"db": "VULMON",
"id": "CVE-2009-1122"
},
{
"db": "PACKETSTORM",
"id": "78216"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=8806",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-1122"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "35232",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2009-1122",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA09-160A",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1022358",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2009-1539",
"trust": 2.5
},
{
"db": "USCERT",
"id": "SA09-160A",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#787932",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001787",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200906-150",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "8806",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2009-1122",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "78216",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-1122"
},
{
"db": "BID",
"id": "35232"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001787"
},
{
"db": "PACKETSTORM",
"id": "78216"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-150"
},
{
"db": "NVD",
"id": "CVE-2009-1122"
}
]
},
"id": "VAR-200906-0257",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2024-11-23T21:21:54.327000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MS09-020",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/MS09-020.mspx"
},
{
"title": "MS09-020",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/ms09-020.mspx"
},
{
"title": "MS09-020e",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/security/bulletins/MS09-020e.mspx"
},
{
"title": "TA09-160A",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta09-160a.html"
},
{
"title": "WindowsPrivilegeEscalation\n2023\n2022\n2021\n2020\n2019\n2018\n2017\n2016\n2015\n2014\n2013\n2012\n2011\n2010\n2009\n2008\n2007\n2006\n2005\n2003\n2000",
"trust": 0.1,
"url": "https://github.com/ycdxsb/WindowsPrivilegeEscalation "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-1122"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001787"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001787"
},
{
"db": "NVD",
"id": "CVE-2009-1122"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1022358"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/35232"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/1539"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/cas/techalerts/ta09-160a.html"
},
{
"trust": 1.7,
"url": "http://www.attrition.org/pipermail/vim/2009-june/002192.html"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5861"
},
{
"trust": 1.7,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-020"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1122"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2009/at090011.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta09-160a/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu787932/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/jvntr-2009-14"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1122"
},
{
"trust": 0.8,
"url": "http://www.us-cert.gov/cas/alerts/sa09-160a.html"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/787932"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/#topics"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/windowsserver2003/iis/default.mspx"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/elmodocs2/security/asa-2009-215.htm"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/bulletin/ms09-020.mspx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/8806/"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta09-160a.html\u003e"
},
{
"trust": 0.1,
"url": "http://technet.microsoft.com/en-us/wsus/default.aspx\u003e"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=ms09-jun\u003e"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-1122"
},
{
"db": "BID",
"id": "35232"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001787"
},
{
"db": "PACKETSTORM",
"id": "78216"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-150"
},
{
"db": "NVD",
"id": "CVE-2009-1122"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2009-1122"
},
{
"db": "BID",
"id": "35232"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001787"
},
{
"db": "PACKETSTORM",
"id": "78216"
},
{
"db": "CNNVD",
"id": "CNNVD-200906-150"
},
{
"db": "NVD",
"id": "CVE-2009-1122"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-06-10T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1122"
},
{
"date": "2009-06-09T00:00:00",
"db": "BID",
"id": "35232"
},
{
"date": "2009-07-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001787"
},
{
"date": "2009-06-10T20:55:09",
"db": "PACKETSTORM",
"id": "78216"
},
{
"date": "2009-06-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-150"
},
{
"date": "2009-06-10T18:30:00.297000",
"db": "NVD",
"id": "CVE-2009-1122"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-11-23T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1122"
},
{
"date": "2009-06-18T16:30:00",
"db": "BID",
"id": "35232"
},
{
"date": "2009-07-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001787"
},
{
"date": "2021-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200906-150"
},
{
"date": "2024-11-21T01:01:43.587000",
"db": "NVD",
"id": "CVE-2009-1122"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200906-150"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows Running on Microsoft IIS of WebDAV Vulnerabilities that prevent authentication from being extended",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001787"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200906-150"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.