Back to search
CVE-2009-4354
Published: Dec 17, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
TransWARE Active! mail 2003 build 2003.0139.0871 and earlier does not properly secure the session ID in a session cookie, which allows remote attackers to hijack web sessions, probably related to the "secure" flag for cookies in SSL sessions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
JVN#36207497
third-party-advisory
x_refsource_JVN
http://www.transware.co.jp/support_am/security/vulnerability1.html
x_refsource_CONFIRM
activemail2003-cookie-info-disclosure(54752)
vdb-entry
x_refsource_XF
JVNDB-2009-000077
third-party-advisory
x_refsource_JVNDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now