Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1027

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1027
Last Modified 05 Sep 2008 04:29:35
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1027

Summary

Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 500error.jsp with the script in 1the et parameter.

Vulnerable Systems

Application

  • Macromedia Sitespring 1.2.0


References

BID - 5249

XF - sitespring-500error-xss(9588)

BUGTRAQ - 20020717 KPMG-2002032: Macromedia Sitespring Cross Site Scripting

VULNWATCH - 20020717 [VulnWatch] KPMG-2002032: Macromedia Sitespring Cross Site Scripting


Last Updated: 27 May 2016 10:37:10