Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3972

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-3972
Last Modified 07 Mar 2011 09:27:27
Published 03 Dec 2005 02:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-3972

Summary

Cross-site scripting (XSS) vulnerability in extremesearch.php in Extreme Search Corporate Edition 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.

Vulnerable Systems

Application

  • Extreme Corporate Extreme Search Corporate 6.0


References

VUPEN - ADV-2005-2687

BID - 15675

OSVDB - 21336

SECUNIA - 17816

MISC - http://pridels0.blogspot.com/2005/12/extreme-search-corporate-edition-6x.html


Last Updated: 27 May 2016 10:41:08