Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0038

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2003-0038
Last Modified 05 Sep 2008 04:33:18
Published 07 Feb 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-0038

Summary

Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters.

Vulnerable Systems

Application

  • Gnu Mailman 2.1


References

DEBIAN - DSA-436

CONFIRM - http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt

BUGTRAQ - 20030124 Mailman: cross-site scripting bug

XF - mailman-email-variable-xss(11152)

SECTRACK - 1005987

BID - 6677

OSVDB - 9205


Last Updated: 27 May 2016 10:37:45