Details of VAR-200403-0021

ID

VAR-200403-0021

CVE

CVE-2004-0086

TITLE

apple's Apple Mac OS X Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2004-000759

DESCRIPTION

Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2004-0085. apple's Apple Mac OS X Exists in unspecified vulnerabilities.None. Apple has released Security Update 2004-01-26 to address multiple previously known and newly discovered security vulnerabilities in Mac OS X 10.1.x through 10.3.x. Apache is a popular WEB server program. The mod_cgid module included with Apache has issues when using the threaded MPM, which can cause data redirection to leak sensitive information or improperly authorize access. When the threaded MPM is used, mod_cgid mishandles the CGI redirect path, which can lead to incorrectly directing CGI output to the client. Mis-redirecting data can reveal sensitive information or improperly authorize access

Trust: 1.98

sources: NVD: CVE-2004-0086 // JVNDB: JVNDB-2004-000759 // BID: 9504 // VULHUB: VHN-8516

AFFECTED PRODUCTS

vendor:	apple	model:	mac os x	scope:	eq	version:	10.3.2	Trust: 1.6
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	-	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	eq	version:	10.3.2	Trust: 0.8
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.1	Trust: 0.3

sources: BID: 9504 // JVNDB: JVNDB-2004-000759 // CNNVD: CNNVD-200403-021 // NVD: CVE-2004-0086

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-0086
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2004-0086
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200403-021
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-8516
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-0086
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-8516
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-8516 // JVNDB: JVNDB-2004-000759 // CNNVD: CNNVD-200403-021 // NVD: CVE-2004-0086

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2004-000759 // NVD: CVE-2004-0086

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200403-021

TYPE

Unknown

Trust: 0.9

sources: BID: 9504 // CNNVD: CNNVD-200403-021

PATCH

title:

lists.apple.com (msg00000)

url:

http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html

Trust: 0.8

sources: JVNDB: JVNDB-2004-000759

EXTERNAL IDS

db:	NVD	id:	CVE-2004-0086	Trust: 3.6
db:	BID	id:	9504	Trust: 2.8
db:	JVNDB	id:	JVNDB-2004-000759	Trust: 0.8
db:	CNNVD	id:	CNNVD-200403-021	Trust: 0.7
db:	APPLE	id:	APPLE-SA-2004-01-26	Trust: 0.6
db:	VULHUB	id:	VHN-8516	Trust: 0.1

sources: VULHUB: VHN-8516 // BID: 9504 // JVNDB: JVNDB-2004-000759 // CNNVD: CNNVD-200403-021 // NVD: CVE-2004-0086

REFERENCES

url:	http://www.securityfocus.com/bid/9504	Trust: 2.5
url:	http://lists.apple.com/archives/security-announce/2004/jan/msg00000.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2004-0086	Trust: 0.8

sources: VULHUB: VHN-8516 // JVNDB: JVNDB-2004-000759 // CNNVD: CNNVD-200403-021 // NVD: CVE-2004-0086

CREDITS

Apache

Trust: 0.6

sources: CNNVD: CNNVD-200403-021

SOURCES

db:	VULHUB	id:	VHN-8516
db:	BID	id:	9504
db:	JVNDB	id:	JVNDB-2004-000759
db:	CNNVD	id:	CNNVD-200403-021
db:	NVD	id:	CVE-2004-0086

LAST UPDATE DATE

2024-08-14T12:11:19.575000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-8516	date:	2008-09-10T00:00:00
db:	BID	id:	9504	date:	2009-07-12T02:06:00
db:	JVNDB	id:	JVNDB-2004-000759	date:	2024-05-29T06:47:00
db:	CNNVD	id:	CNNVD-200403-021	date:	2005-10-28T00:00:00
db:	NVD	id:	CVE-2004-0086	date:	2008-09-10T19:25:05.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-8516	date:	2004-03-03T00:00:00
db:	BID	id:	9504	date:	2004-01-27T00:00:00
db:	JVNDB	id:	JVNDB-2004-000759	date:	2024-05-29T00:00:00
db:	CNNVD	id:	CNNVD-200403-021	date:	2003-07-18T00:00:00
db:	NVD	id:	CVE-2004-0086	date:	2004-03-03T05:00:00