Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1006

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2002-1006
Last Modified 05 Sep 2008 04:29:31
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2002-1006

Summary

Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl.

Vulnerable Systems

Application

  • Bbc Education Betsie 1.5

  • Bbc Education Betsie 1.5.1

  • Bbc Education Betsie 1.5.10

  • Bbc Education Betsie 1.5.11

  • Bbc Education Betsie 1.5.2

  • Bbc Education Betsie 1.5.3

  • Bbc Education Betsie 1.5.4

  • Bbc Education Betsie 1.5.5

  • Bbc Education Betsie 1.5.6

  • Bbc Education Betsie 1.5.7

  • Bbc Education Betsie 1.5.8

  • Bbc Education Betsie 1.5.9


References

BID - 5135

XF - betsie-parserl-xss(9468)

CONFIRM - http://www.bbc.co.uk/education/betsie/parser.pl.txt

BUGTRAQ - 20020701 PTL-2002-03 Betsie XSS Vuln


Last Updated: 27 May 2016 10:37:10