Details of VAR-200905-0167

ID

VAR-200905-0167

CVE

CVE-2009-1593

TITLE

Armorlogic Profense Web Application Firewall Cross-site scripting attacks (XSS) Vulnerability to be executed

Trust: 0.8

sources: JVNDB: JVNDB-2009-003399

DESCRIPTION

Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properly implement the "negative model," which allows remote attackers to conduct cross-site scripting (XSS) attacks via a modified end tag of a SCRIPT element. Profense Web Application Firewall is prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform various web-application attacks. Versions *prior to* the following are vulnerable: Profense 2.4.4 Profense 2.2.22. 0A (encoded newline) bypasses XSS protection mechanisms and executes arbitrary code within the user's browser session

Trust: 1.98

sources: NVD: CVE-2009-1593 // JVNDB: JVNDB-2009-003399 // BID: 35053 // VULHUB: VHN-39039

AFFECTED PRODUCTS

vendor:	armorlogic	model:	profense web application firewall	scope:	eq	version:	2.4	Trust: 1.6
vendor:	armorlogic	model:	profense web application firewall	scope:	lte	version:	2.2.21	Trust: 1.0
vendor:	armorlogic	model:	profense web application firewall	scope:	lt	version:	2.2.22	Trust: 0.8
vendor:	armorlogic	model:	profense web application firewall	scope:	eq	version:	2.2.21	Trust: 0.6
vendor:	armorlogic	model:	profense	scope:	eq	version:	2.4.2	Trust: 0.3
vendor:	armorlogic	model:	profense	scope:	eq	version:	2.2.20	Trust: 0.3
vendor:	armorlogic	model:	profense	scope:	ne	version:	2.4.4	Trust: 0.3
vendor:	armorlogic	model:	profense	scope:	ne	version:	2.2.22	Trust: 0.3

sources: BID: 35053 // JVNDB: JVNDB-2009-003399 // CNNVD: CNNVD-200905-261 // NVD: CVE-2009-1593

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-1593
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2009-1593
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200905-261
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-39039
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2009-1593
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-39039
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-39039 // JVNDB: JVNDB-2009-003399 // CNNVD: CNNVD-200905-261 // NVD: CVE-2009-1593

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-39039 // JVNDB: JVNDB-2009-003399 // NVD: CVE-2009-1593

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200905-261

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-200905-261

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-003399

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-39039

PATCH

title:

Top Page

url:

http://www.armorlogic.com/

Trust: 0.8

sources: JVNDB: JVNDB-2009-003399

EXTERNAL IDS

db:	NVD	id:	CVE-2009-1593	Trust: 2.8
db:	BID	id:	35053	Trust: 2.0
db:	JVNDB	id:	JVNDB-2009-003399	Trust: 0.8
db:	MLIST	id:	[WEBSECURITY] 20090519 [WEB SECURITY] TRUSTWAVE'S SPIDERLABS SECURITY ADVISORY TWSL2009-001 AND ENABLESECURITY ADVISORY ES-20090500	Trust: 0.6
db:	BUGTRAQ	id:	20090520 ARMORLOGIC PROFENSE WEB APPLICATION FIREWALL 2.4 MULTIPLE VULNERABILITIES.	Trust: 0.6
db:	XF	id:	50663	Trust: 0.6
db:	CNNVD	id:	CNNVD-200905-261	Trust: 0.6
db:	SEEBUG	id:	SSVID-86259	Trust: 0.1
db:	EXPLOIT-DB	id:	33002	Trust: 0.1
db:	VULHUB	id:	VHN-39039	Trust: 0.1

sources: VULHUB: VHN-39039 // BID: 35053 // JVNDB: JVNDB-2009-003399 // CNNVD: CNNVD-200905-261 // NVD: CVE-2009-1593

REFERENCES

url:	http://www.securityfocus.com/bid/35053	Trust: 1.7
url:	http://www.webappsec.org/lists/websecurity/archive/2009-05/msg00040.html	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/503649/100/0/threaded	Trust: 1.1
url:	http://resources.enablesecurity.com/advisories/es-20090500-profense.txt	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/50663	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1593	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1593	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/50663	Trust: 0.6
url:	http://www.securityfocus.com/archive/1/archive/1/503649/100/0/threaded	Trust: 0.6
url:	http://www.armorlogic.com/index.html	Trust: 0.3
url:	/archive/1/503649	Trust: 0.3

sources: VULHUB: VHN-39039 // BID: 35053 // JVNDB: JVNDB-2009-003399 // CNNVD: CNNVD-200905-261 // NVD: CVE-2009-1593

CREDITS

Sandro GauciWendel Guglielmetti Henrique

Trust: 0.6

sources: CNNVD: CNNVD-200905-261

SOURCES

db:	VULHUB	id:	VHN-39039
db:	BID	id:	35053
db:	JVNDB	id:	JVNDB-2009-003399
db:	CNNVD	id:	CNNVD-200905-261
db:	NVD	id:	CVE-2009-1593

LAST UPDATE DATE

2025-04-10T23:09:20.742000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-39039	date:	2018-10-10T00:00:00
db:	BID	id:	35053	date:	2009-05-21T20:50:00
db:	JVNDB	id:	JVNDB-2009-003399	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200905-261	date:	2009-05-23T00:00:00
db:	NVD	id:	CVE-2009-1593	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-39039	date:	2009-05-21T00:00:00
db:	BID	id:	35053	date:	2009-05-20T00:00:00
db:	JVNDB	id:	JVNDB-2009-003399	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200905-261	date:	2009-05-21T00:00:00
db:	NVD	id:	CVE-2009-1593	date:	2009-05-21T14:30:00.437