Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0375

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0375
Last Modified 05 Sep 2008 04:27:52
Published 29 May 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0375

Summary

Cross-site scripting vulnerability in sgdynamo.exe for Sgdynamo allows remote attackers to execute arbitrary Javascript via a URL with the script in the HTNAME parameter.

Vulnerable Systems

Application

  • Ecometry Sgdynamo 5.32

  • Ecometry Sgdynamo 6.1

  • Ecometry Sgdynamo 7.0


References

XF - sgdynamo-htname-parameter-xss(9830)

OSVDB - 3458

VULN-DEV - 20020417 Smalls holes on 5 products #1

BUGTRAQ - 20020510 Fix available for Sgdynamo


Last Updated: 27 May 2016 10:36:53