{"vuid":"VU#837419","idnumber":"837419","name":"Netegrity SiteMinder does not adequately validate user input thereby allowing user to bypass filters via crafted URL","keywords":["Netegrity SiteMinder","user input","bypass filters","unicode"],"overview":"Netegrity SiteMinder does adequately vaildate HTTP requests containing malicious Unicode encodings.","clean_desc":"Netegrity SiteMinder is a platform for securing multiple web applications through a single point of user authentication. SiteMinder does not properly filter HTTP requests when those requests contain Unicode encodings.","impact":"The complete impact of this vulnerability is not yet known.","resolution":"Netegrity has reportedly released a patch, available from: http://support.netegrity.com/","workarounds":"","sysaffected":"","thanks":"Thanks to the SANS Institute for reporting this vulnerability.","author":"This document was written by Shawn Van Ittersum.","public":["h","t","t","p",":","/","/","s","u","p","p","o","r","t",".","n","e","t","e","g","r","i","t","y",".","c","o","m","/"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-08-24T16:34:53Z","publicdate":"2001-08-24T00:00:00Z","datefirstpublished":"2002-10-29T16:05:50Z","dateupdated":"2002-10-29T16:06:18Z","revision":4,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"6","cam_population":"6","cam_impact":"4","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"2.835","cam_scorecurrentwidelyknown":"3.51","cam_scorecurrentwidelyknownexploited":"6.21","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":2.835,"vulnote":null}