NuytsTech Security

CVE-2003-1311

by ·

siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this parameter.

Date published : 2006-12-15

http://curl.haxx.se/mail/archive-2003-05/0172.html

http://www.osvdb.org/30741

Tags: