Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2884

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-2884
Last Modified 05 Sep 2008 04:52:55
Published 14 Sep 2005 04:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-2884

Summary

Cross-site scripting (XSS) vulnerability in events.php in Land Down Under (LDU) 801 and earlier allows remote attackers to inject arbitrary web script or HTML via the Description field in an event.

Vulnerable Systems

Application

  • Neocrome Land Down Under 601

  • Neocrome Land Down Under 602

  • Neocrome Land Down Under 700.01

  • Neocrome Land Down Under 700.02

  • Neocrome Land Down Under 700.03

  • Neocrome Land Down Under 700.04

  • Neocrome Land Down Under 700.05

  • Neocrome Land Down Under 701

  • Neocrome Land Down Under 800

  • Neocrome Land Down Under 801


References

XF - landdownunder-events-neventtext-xss(22195)

BID - 14746

SECUNIA - 16710

BUGTRAQ - 20050905 Land Down Under 'events.php' Cross Site Scripting Vulnerability


Last Updated: 27 May 2016 10:40:40