Web Server Vulnerability in SmarterStats by SmarterTools
CVE-2011-2159

Currently unrated

Key Information:

Vendor: Smartertools
Status: Smarterstats
Vendor: CVE Published:; 20 May 2011

What is CVE-2011-2159?

The SmarterTools SmarterStats 6.0 web server is affected by a vulnerability that arises from the omission of the Content-Type header for specific resources. This insecure configuration may allow remote attackers to exploit interpretation conflicts involving various admin and client resources, potentially leading to an array of impacts. Key resources impacted include settings pages, XML files, and configuration scripts, indicating a risk for clients interacting with the affected web server. Proper mitigation measures should be considered to secure these resources.

References

http://xss.cx/examples/smarterstats-60-oscommandinjection...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/67823

vdb-entryx_refsource_XF

http://www.kb.cert.org/vuls/id/MORO-8GYQR4

x_refsource_MISC

Timeline

Vulnerability published
May 20, 2011
Vulnerability Reserved
May 20, 2011

Smartertools

What is CVE-2011-2159?

References

Timeline