Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1335

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2002-1335
Last Modified 05 Sep 2008 04:30:19
Published 11 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2002-1335

Summary

Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape an HTML tag in a frame, which allows remote attackers to insert arbitrary web script or HTML and access files or cookies.

Vulnerable Systems

Application

  • W3m 0.3.2


References

BID - 6793

REDHAT - RHSA-2003:044

XF - w3m-html-frame-xss(10842)

REDHAT - RHSA-2003:045

OSVDB - 6981

DEBIAN - DSA-251

DEBIAN - DSA-250

DEBIAN - DSA-249

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=124484

CONFIRM - http://mi.med.tohoku.ac.jp/%7Esatodai/w3m-dev-en/200211.month/838.html

OPENPKG - OpenPKG-SA-2003.009

SECUNIA - 8053

SECUNIA - 8031

SECUNIA - 8016

SECUNIA - 8015


Last Updated: 27 May 2016 10:37:16