Vulnerability Note VU#202753
Autonomy Ultraseek URL redirection vulnerability
The Autonomy Ultraseek search engine contains a URL redirection vulnerability that may allow an attacker to redirect website users to other sites.
The Autonomy Ultraseek search engine contains a URL redirection vulnerability in the /cs.html?url= paramater. The destination URL can be obsfucated in the redirect by using URL encoding techniques. To exploit this issue, an attacker would need to get a user to click on a link or browse to a website.
An attacker may be able to redirect a user to any website.
Ultraseek administrators should contact Ultraseek support for information on how to obtain updated software that addresses this issue.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Ultraseek||Affected||08 Jan 2009||28 Jan 2009|
|Verity, Inc.||Affected||08 Jan 2009||28 Jan 2009|
CVSS Metrics (Learn More)
This document was written by Ryan Giobbi.
- CVE IDs: Unknown
- Date Public: 11 Jan 2009
- Date First Published: 28 Jan 2009
- Date Last Updated: 28 Jan 2009
- Severity Metric: 1.30
- Document Revision: 14
If you have feedback, comments, or additional information about this vulnerability, please send us email.