← Back

CVE-2003-1481

nvd nist
Published: Dec 31, 2003Modified: Apr 16, 2026

JSON object

Loading...
5.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:N
Exploitability: 8.6 / Impact: 4.9
Source: NVD

Description

CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.

Affected (14)

Stalker
1 product
Communigate Pro
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Stalker
Communigate Pro
Version 3.1
Communigate Pro
Version 3.2.4
Communigate Pro
Version 3.2_b5
Communigate Pro
Version 3.2_b7
Communigate Pro
Version 3.3.2
Communigate Pro
Version 3.3_b1
Communigate Pro
Version 3.3_b2
Communigate Pro
Version 3.4_b3
Communigate Pro
Version 4.0.1
Communigate Pro
Version 4.0.2
Communigate Pro
Version 4.0.3
Communigate Pro
Version 4.0.6
Communigate Pro
Version 4.0_b2
Communigate Pro
Version 4.0_b3

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
ExploitPatch
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatch
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.