CVE-2003-1481


CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.


Published

2003-12-31T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE
Exploitability Score

8.6

Impact Score

4.9

Weaknesses
  • Type: Primary
    CWE-200

Affected Vendors & Products

| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | stalker | communigate_pro | 3.1 | Yes |
| Application | stalker | communigate_pro | 3.2.4 | Yes |
| Application | stalker | communigate_pro | 3.2_b5 | Yes |
| Application | stalker | communigate_pro | 3.2_b7 | Yes |
| Application | stalker | communigate_pro | 3.3.2 | Yes |
| Application | stalker | communigate_pro | 3.3_b1 | Yes |
| Application | stalker | communigate_pro | 3.3_b2 | Yes |
| Application | stalker | communigate_pro | 3.4_b3 | Yes |
| Application | stalker | communigate_pro | 4.0.1 | Yes |
| Application | stalker | communigate_pro | 4.0.2 | Yes |
| Application | stalker | communigate_pro | 4.0.3 | Yes |
| Application | stalker | communigate_pro | 4.0.6 | Yes |
| Application | stalker | communigate_pro | 4.0_b2 | Yes |
| Application | stalker | communigate_pro | 4.0_b3 | Yes |