Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0837

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0837
Last Modified 05 Sep 2008 04:29:04
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0837

Summary

wordtrans 1.1pre8 and earlier in the wordtrans-web package allows remote attackers to (1) execute arbitrary code or (2) conduct cross-site scripting attacks via certain parameters (possibly "dict") to the wordtrans.php script.

Vulnerable Systems

Application

  • Wordtrans-web 1.0 Beta2.2.4

  • Wordtrans-web 1.1 Pre8


References

BID - 5674

BID - 5671

REDHAT - RHSA-2002:188

XF - wordtrans-web-code-execution(10063)

XF - wordtrans-web-php-xss(10059)

MISC - http://www.guardent.com/comp_news_wordtrans-web.html#

BUGTRAQ - 20020908 Guardent Client Advisory: Multiple wordtrans-web Vulnerabilities


Last Updated: 27 May 2016 10:37:06