Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2318

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2002-2318
Last Modified 05 Sep 2008 04:32:54
Published 31 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2002-2318

Summary

Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages.

Vulnerable Systems

Application

  • Blueface Falcon Web Server 2.0.0.1009

  • Blueface Falcon Web Server 2.0.0.1020

  • Blueface Falcon Web Server 2.0.0.1021

  • Blueface Falcon Web Server 2.0.0.1021 Ssl


References

BID - 5435

XF - falcon-error-msg-xss(9812)

BUGTRAQ - 20020808 Cross-Site Scripting Issues in Falcon Web Server


Last Updated: 27 May 2016 10:37:42