Unrated severityNVD Advisory· Published Dec 17, 2009· Updated Jun 16, 2026
CVE-2009-4354
CVE-2009-4354
Description
TransWARE Active! mail 2003 build 2003.0139.0871 and earlier does not properly secure the session ID in a session cookie, which allows remote attackers to hijack web sessions, probably related to the "secure" flag for cookies in SSL sessions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:transware:active\!_mail:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:transware:active\!_mail:*:*:*:*:*:*:*:*range: <=2003
- cpe:2.3:a:transware:active\!_mail:1.422:*:*:*:*:*:*:*
- cpe:2.3:a:transware:active\!_mail:2.0:*:*:*:*:*:*:*
- (no CPE)range: <= 2003 build 2003.0139.0871
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.