ID

VAR-201112-0297


CVE

CVE-2011-4707


TITLE

SAP NetWeaver Cross-Site Request Forgery Vulnerability

Trust: 0.8

sources: IVD: 3b9467ec-1f7f-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-4916

DESCRIPTION

Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Netweaver allow remote attackers to inject arbitrary web script or HTML via the (1) instname parameter to the VsiTestScan servlet and (2) name parameter to the VsiTestServlet servlet. The CTC service has an error when performing some verification checks and can be utilized to access user management and OS command execution functions. Inputs passed to the BAPI Explorer through partial transactions are missing prior to use and can be exploited to inject arbitrary HTML and script code that can be executed on the target user's browser when viewed maliciously. When using transaction \"sa38\", RSTXSCRP reports an error and can be exploited to inject any UNC path through the \"File Name\" field. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. TH_GREP reports an error when processing a partial SOAP request, and can inject any SHELL command with the \"<STRING>\" parameter. The SPML service allows users to perform cross-site request forgery attacks, and can log in to the user administrator context to perform arbitrary operations, such as creating arbitrary users. SAP Netweaver is prone to multiple cross-site scripting vulnerabilities, a path traversal vulnerability, an html-injection vulnerability, a cross-site request-forgery vulnerability, and an authentication-bypass vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary commands in the context of the application, disclose sensitive information, perform certain administrative actions, gain unauthorized access, or bypass certain security restrictions

Trust: 7.02

sources: NVD: CVE-2011-4707 // JVNDB: JVNDB-2011-003325 // CNVD: CNVD-2011-4917 // CNVD: CNVD-2011-4911 // CNVD: CNVD-2011-4913 // CNVD: CNVD-2011-4914 // CNVD: CNVD-2011-4912 // CNVD: CNVD-2011-4915 // CNVD: CNVD-2011-4916 // BID: 50680 // IVD: 3d199b1e-1f7f-11e6-abef-000c29c66e3d // IVD: 4247bd6e-1f7f-11e6-abef-000c29c66e3d // IVD: 4119fc7c-1f7f-11e6-abef-000c29c66e3d // IVD: 40204c22-1f7f-11e6-abef-000c29c66e3d // IVD: 3a022216-1f7f-11e6-abef-000c29c66e3d // IVD: 3e98d306-1f7f-11e6-abef-000c29c66e3d // IVD: 3b9467ec-1f7f-11e6-abef-000c29c66e3d // VULMON: CVE-2011-4707

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 5.6

sources: IVD: 3b9467ec-1f7f-11e6-abef-000c29c66e3d // IVD: 3d199b1e-1f7f-11e6-abef-000c29c66e3d // IVD: 3e98d306-1f7f-11e6-abef-000c29c66e3d // IVD: 3a022216-1f7f-11e6-abef-000c29c66e3d // IVD: 40204c22-1f7f-11e6-abef-000c29c66e3d // IVD: 4119fc7c-1f7f-11e6-abef-000c29c66e3d // IVD: 4247bd6e-1f7f-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-4916 // CNVD: CNVD-2011-4917 // CNVD: CNVD-2011-4915 // CNVD: CNVD-2011-4912 // CNVD: CNVD-2011-4914 // CNVD: CNVD-2011-4913 // CNVD: CNVD-2011-4911

AFFECTED PRODUCTS

vendor:sapmodel:netweaverscope:eqversion:7.0

Trust: 5.9

vendor:sapmodel:netweaver sp15scope:eqversion:7.0

Trust: 4.5

vendor:sapmodel:netweaver sp8scope:eqversion:7.0

Trust: 4.5

vendor:sapmodel:netweaverscope:eqversion:7.10

Trust: 4.5

vendor:sapmodel:netweaverscope:eqversion:7.30

Trust: 4.5

vendor:sapmodel:netweaverscope:eqversion:7.02

Trust: 4.5

vendor:sapmodel:netweaverscope:eqversion:7.01

Trust: 4.5

vendor:sapmodel:netweaver sp15scope:eqversion:7.0*

Trust: 1.4

vendor:sapmodel:netweaver sp8scope:eqversion:7.0*

Trust: 1.4

vendor:sapmodel:netweaverscope:eqversion:7.10*

Trust: 1.4

vendor:sapmodel:netweaverscope:eqversion:7.30*

Trust: 1.4

vendor:sapmodel:netweaverscope:eqversion:7.02*

Trust: 1.4

vendor:sapmodel:netweaverscope:eqversion:7.01*

Trust: 1.4

vendor:sapmodel:netweaverscope: - version: -

Trust: 1.4

vendor:sapmodel:netweaverscope:eqversion:*

Trust: 1.0

sources: IVD: 3b9467ec-1f7f-11e6-abef-000c29c66e3d // IVD: 3d199b1e-1f7f-11e6-abef-000c29c66e3d // IVD: 3e98d306-1f7f-11e6-abef-000c29c66e3d // IVD: 3a022216-1f7f-11e6-abef-000c29c66e3d // IVD: 40204c22-1f7f-11e6-abef-000c29c66e3d // IVD: 4119fc7c-1f7f-11e6-abef-000c29c66e3d // IVD: 4247bd6e-1f7f-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-4916 // CNVD: CNVD-2011-4917 // CNVD: CNVD-2011-4915 // CNVD: CNVD-2011-4912 // CNVD: CNVD-2011-4914 // CNVD: CNVD-2011-4913 // CNVD: CNVD-2011-4911 // BID: 50680 // JVNDB: JVNDB-2011-003325 // CNNVD: CNNVD-201112-122 // NVD: CVE-2011-4707

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4707
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-4707
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201112-122
value: MEDIUM

Trust: 0.6

IVD: 3b9467ec-1f7f-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 3d199b1e-1f7f-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 3e98d306-1f7f-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 3a022216-1f7f-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 40204c22-1f7f-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 4119fc7c-1f7f-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 4247bd6e-1f7f-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULMON: CVE-2011-4707
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-4707
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

IVD: 3b9467ec-1f7f-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 3d199b1e-1f7f-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 3e98d306-1f7f-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 3a022216-1f7f-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 40204c22-1f7f-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 4119fc7c-1f7f-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 4247bd6e-1f7f-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 3b9467ec-1f7f-11e6-abef-000c29c66e3d // IVD: 3d199b1e-1f7f-11e6-abef-000c29c66e3d // IVD: 3e98d306-1f7f-11e6-abef-000c29c66e3d // IVD: 3a022216-1f7f-11e6-abef-000c29c66e3d // IVD: 40204c22-1f7f-11e6-abef-000c29c66e3d // IVD: 4119fc7c-1f7f-11e6-abef-000c29c66e3d // IVD: 4247bd6e-1f7f-11e6-abef-000c29c66e3d // VULMON: CVE-2011-4707 // JVNDB: JVNDB-2011-003325 // CNNVD: CNNVD-201112-122 // NVD: CVE-2011-4707

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.8

sources: JVNDB: JVNDB-2011-003325 // NVD: CVE-2011-4707

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201112-122

TYPE

Cross-site scripting

Trust: 1.4

sources: IVD: 3b9467ec-1f7f-11e6-abef-000c29c66e3d // IVD: 3d199b1e-1f7f-11e6-abef-000c29c66e3d // IVD: 3e98d306-1f7f-11e6-abef-000c29c66e3d // IVD: 3a022216-1f7f-11e6-abef-000c29c66e3d // IVD: 40204c22-1f7f-11e6-abef-000c29c66e3d // IVD: 4119fc7c-1f7f-11e6-abef-000c29c66e3d // IVD: 4247bd6e-1f7f-11e6-abef-000c29c66e3d

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003325

PATCH

title:Acknowledgments to Security Researchers - 1546307url:http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a

Trust: 0.8

title:Patch for SAP NetWeaver Cross-Site Request Forgery Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/5913

Trust: 0.6

title:Patch for SAP NetWeaver Feature Access Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/5922

Trust: 0.6

title:Patch for SAP NetWeaver Command Injection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/5912

Trust: 0.6

title:Patch for SAP NetWeaver Cross-Site Scripting Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/5909

Trust: 0.6

title:Patch for SAP NetWeaver Path Injection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/5911

Trust: 0.6

title:Patch for SAP NetWeaver 'page' parameter cross-site scripting vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/5910

Trust: 0.6

title:SAP Netweaver Script Injection Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/5908

Trust: 0.6

sources: CNVD: CNVD-2011-4916 // CNVD: CNVD-2011-4917 // CNVD: CNVD-2011-4915 // CNVD: CNVD-2011-4912 // CNVD: CNVD-2011-4914 // CNVD: CNVD-2011-4913 // CNVD: CNVD-2011-4911 // JVNDB: JVNDB-2011-003325

EXTERNAL IDS

db:BIDid:50680

Trust: 4.6

db:NVDid:CVE-2011-4707

Trust: 4.2

db:CNNVDid:CNNVD-201112-122

Trust: 2.0

db:CNVDid:CNVD-2011-4916

Trust: 0.8

db:CNVDid:CNVD-2011-4915

Trust: 0.8

db:CNVDid:CNVD-2011-4914

Trust: 0.8

db:CNVDid:CNVD-2011-4917

Trust: 0.8

db:CNVDid:CNVD-2011-4913

Trust: 0.8

db:CNVDid:CNVD-2011-4912

Trust: 0.8

db:CNVDid:CNVD-2011-4911

Trust: 0.8

db:JVNDBid:JVNDB-2011-003325

Trust: 0.8

db:BUGTRAQid:20111117 [DSECRG-11-036] SAP NETWAVER VIRUS SCAN INTERFACE - MULTIPLE XSS

Trust: 0.6

db:IVDid:3B9467EC-1F7F-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:3D199B1E-1F7F-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:3E98D306-1F7F-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:3A022216-1F7F-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:40204C22-1F7F-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:4119FC7C-1F7F-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:4247BD6E-1F7F-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:VULMONid:CVE-2011-4707

Trust: 0.1

sources: IVD: 3b9467ec-1f7f-11e6-abef-000c29c66e3d // IVD: 3d199b1e-1f7f-11e6-abef-000c29c66e3d // IVD: 3e98d306-1f7f-11e6-abef-000c29c66e3d // IVD: 3a022216-1f7f-11e6-abef-000c29c66e3d // IVD: 40204c22-1f7f-11e6-abef-000c29c66e3d // IVD: 4119fc7c-1f7f-11e6-abef-000c29c66e3d // IVD: 4247bd6e-1f7f-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-4916 // CNVD: CNVD-2011-4917 // CNVD: CNVD-2011-4915 // CNVD: CNVD-2011-4912 // CNVD: CNVD-2011-4914 // CNVD: CNVD-2011-4913 // CNVD: CNVD-2011-4911 // VULMON: CVE-2011-4707 // BID: 50680 // JVNDB: JVNDB-2011-003325 // CNNVD: CNNVD-201112-122 // NVD: CVE-2011-4707

REFERENCES

url:http://dsecrg.com/pages/vul/show.php?id=336

Trust: 2.0

url:https://service.sap.com/sap/support/notes/1546307

Trust: 1.7

url:http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a

Trust: 1.7

url:http://www.securityfocus.com/archive/1/520554/100/0/threaded

Trust: 1.1

url:https://erpscan.io/advisories/dsecrg-11-036-sap-netwaver-virus-scan-interface-multiple-xss/

Trust: 1.1

url:http://dsecrg.com/pages/vul/show.php?id=341

Trust: 0.9

url:http://dsecrg.com/pages/vul/show.php?id=335

Trust: 0.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4707

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4707

Trust: 0.8

url:http://dsecrg.com/pages/vul/show.php?id=340http

Trust: 0.6

url:http://dsecrg.com/pages/vul/show.php?id=339http

Trust: 0.6

url:http://dsecrg.com/pages/vul/show.php?id=336http

Trust: 0.6

url:http://dsecrg.com/pages/vul/show.php?id=338http

Trust: 0.6

url:http://dsecrg.com/pages/vul/show.php?id=337http

Trust: 0.6

url:http://www.securityfocus.com/archive/1/archive/1/520554/100/0/threaded

Trust: 0.6

url:http://erpscan.com/advisories/dsecrg-11-036-sap-netwaver-virus-scan-interface-multiple-xss/

Trust: 0.6

url:http://dsecrg.com/pages/vul/show.php?id=337

Trust: 0.3

url:http://dsecrg.com/pages/vul/show.php?id=339

Trust: 0.3

url:http://dsecrg.com/pages/vul/show.php?id=340

Trust: 0.3

url:http://dsecrg.com/pages/vul/show.php?id=338

Trust: 0.3

url:http://www.sap.com/platform/netweaver/index.epx

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/79.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.securityfocus.com/bid/50680

Trust: 0.1

sources: CNVD: CNVD-2011-4916 // CNVD: CNVD-2011-4917 // CNVD: CNVD-2011-4915 // CNVD: CNVD-2011-4912 // CNVD: CNVD-2011-4914 // CNVD: CNVD-2011-4913 // CNVD: CNVD-2011-4911 // VULMON: CVE-2011-4707 // BID: 50680 // JVNDB: JVNDB-2011-003325 // CNNVD: CNNVD-201112-122 // NVD: CVE-2011-4707

CREDITS

Dmitriy Chastuchin, Dmitriy Evdokimov, Alexandr Polyakov and Alexey Tyurin of Digital Security Research Group (DSecRG)

Trust: 0.3

sources: BID: 50680

SOURCES

db:IVDid:3b9467ec-1f7f-11e6-abef-000c29c66e3d
db:IVDid:3d199b1e-1f7f-11e6-abef-000c29c66e3d
db:IVDid:3e98d306-1f7f-11e6-abef-000c29c66e3d
db:IVDid:3a022216-1f7f-11e6-abef-000c29c66e3d
db:IVDid:40204c22-1f7f-11e6-abef-000c29c66e3d
db:IVDid:4119fc7c-1f7f-11e6-abef-000c29c66e3d
db:IVDid:4247bd6e-1f7f-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-4916
db:CNVDid:CNVD-2011-4917
db:CNVDid:CNVD-2011-4915
db:CNVDid:CNVD-2011-4912
db:CNVDid:CNVD-2011-4914
db:CNVDid:CNVD-2011-4913
db:CNVDid:CNVD-2011-4911
db:VULMONid:CVE-2011-4707
db:BIDid:50680
db:JVNDBid:JVNDB-2011-003325
db:CNNVDid:CNNVD-201112-122
db:NVDid:CVE-2011-4707

LAST UPDATE DATE

2024-11-07T22:20:37.715000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-4916date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4917date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4915date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4912date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4914date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4913date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4911date:2011-11-16T00:00:00
db:VULMONid:CVE-2011-4707date:2018-12-10T00:00:00
db:BIDid:50680date:2013-02-14T12:21:00
db:JVNDBid:JVNDB-2011-003325date:2011-12-13T00:00:00
db:CNNVDid:CNNVD-201112-122date:2011-12-09T00:00:00
db:NVDid:CVE-2011-4707date:2018-12-10T19:29:00.420

SOURCES RELEASE DATE

db:IVDid:3b9467ec-1f7f-11e6-abef-000c29c66e3ddate:2011-11-16T00:00:00
db:IVDid:3d199b1e-1f7f-11e6-abef-000c29c66e3ddate:2011-11-16T00:00:00
db:IVDid:3e98d306-1f7f-11e6-abef-000c29c66e3ddate:2011-11-16T00:00:00
db:IVDid:3a022216-1f7f-11e6-abef-000c29c66e3ddate:2011-11-16T00:00:00
db:IVDid:40204c22-1f7f-11e6-abef-000c29c66e3ddate:2011-11-16T00:00:00
db:IVDid:4119fc7c-1f7f-11e6-abef-000c29c66e3ddate:2011-11-16T00:00:00
db:IVDid:4247bd6e-1f7f-11e6-abef-000c29c66e3ddate:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4916date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4917date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4915date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4912date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4914date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4913date:2011-11-16T00:00:00
db:CNVDid:CNVD-2011-4911date:2011-11-16T00:00:00
db:VULMONid:CVE-2011-4707date:2011-12-08T00:00:00
db:BIDid:50680date:2011-11-15T00:00:00
db:JVNDBid:JVNDB-2011-003325date:2011-12-13T00:00:00
db:CNNVDid:CNNVD-201112-122date:2011-12-09T00:00:00
db:NVDid:CVE-2011-4707date:2011-12-08T19:55:03.720