Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2096

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2004-2096
Last Modified 05 Sep 2008 04:43:11
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-2096

Summary

Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 final allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL.

Vulnerable Systems

Application

  • Mephistoles Internet Suite Mephistoles Httpd 0.6 Final

  • Mephistoles Internet Suite Mephistoles Httpd 0.6 P1

  • Mephistoles Internet Suite Mephistoles Httpd 0.6 P2


References

BID - 9470

BUGTRAQ - 20040121 Mephistoles Httpd 0.6.0final XSS

XF - mephistoles-httpd-xss(14899)

OSVDB - 3689

SECUNIA - 10693


Last Updated: 27 May 2016 10:39:21