4.3
CVE-2003-1578
- EPSS 0.29%
- Published 05.02.2010 22:30:01
- Last modified 11.04.2025 00:51:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to hide HTTP requests from the log-preview functionality by accompanying the requests with crafted DNS responses specifying a domain name beginning with a "format=" substring, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
Data is provided by the National Vulnerability Database (NVD)
Sun ≫ One Web Server Updatesp12 Version <= 4.1
Sun ≫ One Web Server Version4.1
Sun ≫ One Web Server Version4.1 Updatesp1
Sun ≫ One Web Server Version4.1 Updatesp10
Sun ≫ One Web Server Version4.1 Updatesp11
Sun ≫ One Web Server Version4.1 Updatesp2
Sun ≫ One Web Server Version4.1 Updatesp3
Sun ≫ One Web Server Version4.1 Updatesp4
Sun ≫ One Web Server Version4.1 Updatesp5
Sun ≫ One Web Server Version4.1 Updatesp6
Sun ≫ One Web Server Version4.1 Updatesp7
Sun ≫ One Web Server Version4.1 Updatesp8
Sun ≫ One Web Server Version4.1 Updatesp9
Sun ≫ One Web Server Updatesp5 Version <= 6.0
Sun ≫ One Web Server Version6.0
Sun ≫ One Web Server Version6.0 Updatesp1
Sun ≫ One Web Server Version6.0 Updatesp2
Sun ≫ One Web Server Version6.0 Updatesp3
Sun ≫ One Web Server Version6.0 Updatesp4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.49 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|