Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2595

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-2595
Last Modified 05 Sep 2008 04:52:10
Published 17 Aug 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-2595

Summary

Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 Alpha 1 allows remote attackers to execute arbitrary Javascript via archived messages.

Vulnerable Systems

Application

  • Dada Mail 2.8.10

  • Dada Mail 2.8.11

  • Dada Mail 2.8.12

  • Dada Mail 2.8.12 Beta

  • Dada Mail 2.8.13

  • Dada Mail 2.8.13 Alpha1

  • Dada Mail 2.8.13 Alpha2

  • Dada Mail 2.8.14 Alpha1

  • Dada Mail 2.8.14 Beta1

  • Dada Mail 2.8.14 Rc1

  • Dada Mail 2.8.14 Rc2

  • Dada Mail 2.8.15

  • Dada Mail 2.8.15 Alpha1

  • Dada Mail 2.8.15 Beta1

  • Dada Mail 2.8.15 Rc1

  • Dada Mail 2.8.16 Alpha1

  • Dada Mail 2.8.16 Alpha2

  • Dada Mail 2.8.16 Alpha3

  • Dada Mail 2.8.16 Alpha4

  • Dada Mail 2.9.0

  • Dada Mail 2.9.0 Beta1

  • Dada Mail 2.9.0 Beta2

  • Dada Mail 2.9.0 Rc1

  • Dada Mail 2.9.1

  • Dada Mail 2.9.2


References

SECUNIA - 16435

CONFIRM - http://mojo.skazat.com/download/testing_2_10_0_alpha1.html

BID - 14573


Last Updated: 27 May 2016 10:40:34