Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3754

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-3754
Last Modified 07 Mar 2011 09:27:05
Published 22 Nov 2005 04:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-3754

Summary

Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via the proxystylesheet variable, which will be executed in the resulting error message.

Vulnerable Systems


References

BID - 15509

OSVDB - 20978

SECTRACK - 1015246

VUPEN - ADV-2005-2500

BUGTRAQ - 20051121 Google Search Appliance proxystylesheet Flaws

SECUNIA - 17644

MISC - http://metasploit.com/research/vulns/google_proxystylesheet/


Last Updated: 27 May 2016 10:41:02