Unrated severityNVD Advisory· Published Jan 8, 2015· Updated Jun 17, 2026
CVE-2014-9575
CVE-2014-9575
Description
VDG Security SENSE (formerly DIVA) before 2.3.15 allows remote attackers to bypass authentication, and consequently read and modify arbitrary plugin settings, via an encoded : (colon) character in the Authorization HTTP header.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:vdgsecurity:vdg_sense:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vdgsecurity:vdg_sense:*:*:*:*:*:*:*:*range: <=2.3.14
- (no CPE)range: <2.3.15
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/129656/VDG-Security-SENSE-2.3.13-File-Disclosure-Bypass-Buffer-Overflow.htmlnvdExploit
- seclists.org/fulldisclosure/2014/Dec/76nvdExploit
- www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141218-0_VDG_Security_SENSE_Multiple_critical_vulnerabilities_v10.txtnvdExploit
- vdgsecurity.com/downloads/software/nvdVendor Advisory
News mentions
0No linked articles in our index yet.