Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4305

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-4305
Last Modified 07 Mar 2011 09:27:58
Published 16 Dec 2005 07:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-4305

Summary

Cross-site scripting (XSS) vulnerability in Edgewall Trac 0.9, 0.9.1, and 0.9.2 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page.

Vulnerable Systems

Application

  • Edgewall Software Trac 0.9

  • Edgewall Software Trac 0.9.1

  • Edgewall Software Trac 0.9.2


References

XF - trac-url-path-xss(23775)

VUPEN - ADV-2005-2936

BID - 16386

GENTOO - GLSA-200601-12

SECTRACK - 1015363

SECUNIA - 18625

SECUNIA - 18048

CONFIRM - http://projects.edgewall.com/trac/wiki/ChangeLog


Last Updated: 27 May 2016 10:41:15