漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2012-010958
漏洞标题:京东团购敏感信息泄漏
相关厂商:京东商城
漏洞作者: 笔墨
提交时间:2012-08-16 12:58
修复时间:2012-08-21 12:59
公开时间:2012-08-21 12:59
漏洞类型:敏感信息泄露
危害等级:中
自评Rank:7
漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2012-08-16: 细节已通知厂商并且等待厂商处理中
2012-08-21: 厂商已经主动忽略漏洞,细节向公众公开
简要描述:
配置不当。
详细说明:
漏洞证明:
Ice_UnknownException Object ( [unknown] => Thread.cpp:521: IceUtil::ThreadSyscallException: syscall exception: Resource temporarily unavailable [message:protected] => [string:Exception:private] => [code:protected] => 0 [file:protected] => /export/data/tomcatRoot/tuan.360buy.com/include/library/Ice.class.php [line:protected] => 22 [trace:Exception:private] => Array ( [0] => Array ( [file] => /export/data/tomcatRoot/tuan.360buy.com/include/library/Ice.class.php [line] => 22 [function] => Ice_initialize [args] => Array ( ) ) [1] => Array ( [file] => /export/data/tomcatRoot/tuan.360buy.com/include/function/iceUtils.php [line] => 201 [function] => findIce [class] => IceUtil [type] => :: [args] => Array ( [0] => RpcJdUserService ) ) [2] => Array ( [file] => /export/data/tomcatRoot/tuan.360buy.com/include/function/iceUtils.php [line] => 159 [function] => getJdUser [args] => Array ( [0] => dosbear ) ) [3] => Array ( [file] => /export/data/tomcatRoot/tuan.360buy.com/include/classes/ZLogin.class.php [line] => 37 [function] => inituser [args] => Array ( [0] => 233E96400AD0D2F381C7F3FFA68A4AFDB96526624BD9D76A37CD300B5CAF2F90860B776D73752781BEB5723CBE828EA3B9FACD9DE31176470C296E26815A5B3F7D94493B2F4CFFB115CA88D65D11F7386ACB99B6C02B20CFC0059F424B613A212A8480286BDAB37B9249987C468A89A542413BC36D4C0A4FA224919607A852A7BCD37C58E95B1914328661A6829ED8B7 [1] => 4ef687a948709891d0cfc2ab64b43661 ) ) [4] => Array ( [file] => /export/data/tomcatRoot/tuan.360buy.com/include/classes/ZLogin.class.php [line] => 26 [function] => initUserInfo [class] => ZLogin [type] => :: [args] => Array ( [0] => 233E96400AD0D2F381C7F3FFA68A4AFDB96526624BD9D76A37CD300B5CAF2F90860B776D73752781BEB5723CBE828EA3B9FACD9DE31176470C296E26815A5B3F7D94493B2F4CFFB115CA88D65D11F7386ACB99B6C02B20CFC0059F424B613A212A8480286BDAB37B9249987C468A89A542413BC36D4C0A4FA224919607A852A7BCD37C58E95B1914328661A6829ED8B7 [1] => 4ef687a948709891d0cfc2ab64b43661 ) ) [5] => Array ( [file] => /export/data/tomcatRoot/tuan.360buy.com/app.php [line] => 26 [function] => GetLoginId [class] => ZLogin [type] => :: [args] => Array ( ) ) [6] => Array ( [file] => /export/data/tomcatRoot/tuan.360buy.com/forward.php [line] => 9 [args] => Array ( [0] => /export/data/tomcatRoot/tuan.360buy.com/app.php ) [function] => require_once ) ) [previous:Exception:private] => )
修复方案:
技术人员都懂的。
版权声明:转载请注明来源 笔墨@乌云
漏洞回应
厂商回应:
危害等级:无影响厂商忽略
忽略时间:2012-08-21 12:59
厂商回复:
最新状态:
暂无