Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1410

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2004-1410
Last Modified 05 Sep 2008 04:41:17
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-1410

Summary

Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing error message, a different vulnerability than CVE-2004-1229.

Vulnerable Systems

Application

  • Gadu-gadu Instant Messenger 6.0 Build149

  • Gadu-gadu Instant Messenger 6.0 Build150

  • Gadu-gadu Instant Messenger 6.0 Build151

  • Gadu-gadu Instant Messenger 6.0 Build152

  • Gadu-gadu Instant Messenger 6.0 Build153

  • Gadu-gadu Instant Messenger 6.0 Build154

  • Gadu-gadu Instant Messenger 6.0 Build155


References

BUGTRAQ - 20041217 Gadu-Gadu, another two bugs

BID - 11998

OSVDB - 12524

SECUNIA - 13450


Last Updated: 27 May 2016 10:39:01