Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3091

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-3091
Last Modified 05 Sep 2008 04:53:26
Published 28 Sep 2005 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-3091

Summary

Cross-site scripting (XSS) vulnerability in Mantis before 1.0.0rc1 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, as identified by bug#0005751 "thraxisp".

Vulnerable Systems

Application

  • Mantis 0.10.0

  • Mantis 0.10.1

  • Mantis 0.10.2

  • Mantis 0.11.0

  • Mantis 0.11.1

  • Mantis 0.12.0

  • Mantis 0.13.0

  • Mantis 0.13.1

  • Mantis 0.14.0

  • Mantis 0.14.1

  • Mantis 0.14.2

  • Mantis 0.14.3

  • Mantis 0.14.4

  • Mantis 0.14.5

  • Mantis 0.14.6

  • Mantis 0.14.7

  • Mantis 0.14.8

  • Mantis 0.15.0

  • Mantis 0.15.1

  • Mantis 0.15.10

  • Mantis 0.15.11

  • Mantis 0.15.12

  • Mantis 0.15.2

  • Mantis 0.15.3

  • Mantis 0.15.4

  • Mantis 0.15.5

  • Mantis 0.15.6

  • Mantis 0.15.7

  • Mantis 0.15.8

  • Mantis 0.15.9

  • Mantis 0.16.0

  • Mantis 0.16.1

  • Mantis 0.17.0

  • Mantis 0.17.1

  • Mantis 0.17.2

  • Mantis 0.17.3

  • Mantis 0.17.4

  • Mantis 0.17.4a

  • Mantis 0.17.5

  • Mantis 0.18.0

  • Mantis 0.18.0 Rc1

  • Mantis 0.18.0a1

  • Mantis 0.18.0a2

  • Mantis 0.18.0a3

  • Mantis 0.18.0a4

  • Mantis 0.18.1

  • Mantis 0.18.2

  • Mantis 0.18.3

  • Mantis 0.19.0

  • Mantis 0.19.0 Rc1

  • Mantis 0.19.0a1

  • Mantis 0.19.0a2

  • Mantis 0.19.1

  • Mantis 0.19.2

  • Mantis 0.9.0

  • Mantis 0.9.1

  • Mantis 1.0.0a1

  • Mantis 1.0.0a2

  • Mantis 1.0.0a3


References

CONFIRM - http://www.mantisbt.org/changelog.php

BID - 15227

DEBIAN - DSA-905

SECUNIA - 17654

SECUNIA - 16506


Last Updated: 27 May 2016 10:40:48