Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0944

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0944
Last Modified 05 Sep 2008 04:29:21
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0944

Summary

Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03 through 6.2.1 allows remote attackers to execute arbitrary script as the LiveStats user via the (1) user-agent or (2) referrer, which are not filtered by the stats program.

Vulnerable Systems

Application

  • Deepmetrix Livestats 6.2


References

BID - 5047

XF - livestats-report-execute-code(9390)

CONFIRM - http://www.deepmetrix.com/log_analyzer/xsp/service/release_notes/index.asp

BUGTRAQ - 20020617 DeepMetrix LiveStats javascript injection


Last Updated: 27 May 2016 10:37:08