Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4455

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4455
Last Modified 05 Sep 2008 04:56:55
Published 21 Dec 2005 06:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4455

Summary

cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote attackers to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi.

Vulnerable Systems

Application

  • Livejournal


References

SECUNIA - 18157

CONFIRM - http://cvs.livejournal.org/browse.cgi/livejournal/cgi-bin/cleanhtml.pl


Last Updated: 27 May 2016 10:41:18