Unrated severityNVD Advisory· Published Jul 14, 2008· Updated Apr 23, 2026
CVE-2008-2318
CVE-2008-2318
Description
The WOHyperlink implementation in WebObjects in Apple Xcode tools before 3.1 appends local session IDs to generated non-local URLs, which allows remote attackers to obtain potentially sensitive information by reading the requests for these URLs.
Affected products
11cpe:2.3:a:apple:xcode:1.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:xcode:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:xcode:2.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:xcode_tools:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:apple:xcode_tools:*:*:*:*:*:*:*:*range: <=3.0
- cpe:2.3:a:apple:xcode_tools:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:xcode_tools:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:xcode_tools:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:xcode_tools:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:xcode_tools:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:xcode_tools:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:xcode_tools:2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:xcode_tools:2.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- lists.apple.com/archives/security-announce//2008/Jul/msg00002.htmlnvd
- secunia.com/advisories/31060nvd
- support.apple.com/kb/HT2352nvd
- www.securityfocus.com/bid/30191nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2008/2093/referencesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/43735nvd
News mentions
0No linked articles in our index yet.