Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1157

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1157
Last Modified 05 Sep 2008 04:25:49
Published 12 Aug 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1157

Summary

Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filter Javascript from HTML pages, which could allow remote attackers to bypass the filtering via (1) an extra leading < and one or more characters before the SCRIPT tag, or (2) tags using Unicode.

Vulnerable Systems

Operating System

  • Baltimore Technologies Websweeper 4.0

  • Baltimore Technologies Websweeper 4.02


References

BID - 3173

BID - 3172

BUGTRAQ - 20010812 Various problems in Baltimore's WEBSweeper Script filter ing


Last Updated: 27 May 2016 10:36:32