Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2276

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-2276
Last Modified 05 Sep 2008 04:51:21
Published 26 Jul 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-2276

Summary

Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "jAvascript" in an IMG tag.

Vulnerable Systems

Application

  • Novell Groupwise Webaccess 6.0

  • Novell Groupwise Webaccess 6.5


References

XF - novell-groupwise-webaccess-xss(21421)

CONFIRM - http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098301.htm

SECUNIA - 16098

BUGTRAQ - 20050719 [ISR] - Novell Groupwise WebAccess Cross-Site Scripting

BID - 14310

OSVDB - 18064

MISC - http://www.infobyte.com.ar/adv/ISR-11.html

SECTRACK - 1014515


Last Updated: 27 May 2016 10:40:28