4.3
CVE-2010-2274
- EPSS 1.89%
- Veröffentlicht 15.06.2010 14:30:01
- Zuletzt bearbeitet 16.06.2026 23:20:26
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, util/buildscripts/jslib/buildUtil.js, and util/doh/runner.html.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dojotoolkit ≫ Dojo Version1.0
Dojotoolkit ≫ Dojo Version1.0.1
Dojotoolkit ≫ Dojo Version1.0.2
Dojotoolkit ≫ Dojo Version1.1
Dojotoolkit ≫ Dojo Version1.1.1
Dojotoolkit ≫ Dojo Version1.2
Dojotoolkit ≫ Dojo Version1.2.1
Dojotoolkit ≫ Dojo Version1.2.2
Dojotoolkit ≫ Dojo Version1.2.3
Dojotoolkit ≫ Dojo Version1.3
Dojotoolkit ≫ Dojo Version1.3.1
Dojotoolkit ≫ Dojo Version1.3.2
Dojotoolkit ≫ Dojo Version1.4
Dojotoolkit ≫ Dojo Version1.4.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.89% | 0.769 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/
http://secunia.com/advisories/38964
http://secunia.com/advisories/40007
http://www-01.ibm.com/support/docview.wss?uid=swg21431472
http://www-1.ibm.com/support/docview.wss?uid=swg1LO50833
http://www-1.ibm.com/support/docview.wss?uid=swg1LO50849
http://www-1.ibm.com/support/docview.wss?uid=swg1LO50856
http://www-1.ibm.com/support/docview.wss?uid=swg1LO50896
http://www-1.ibm.com/support/docview.wss?uid=swg1LO50932
http://www-1.ibm.com/support/docview.wss?uid=swg1LO50958
http://www-1.ibm.com/support/docview.wss?uid=swg1LO50994
http://www.vupen.com/english/advisories/2010/1281