Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4488

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-4488
Last Modified 15 Nov 2008 01:57:13
Published 22 Aug 2007 07:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4488

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the Siemens Gigaset SE361 WLAN router with firmware 1.00.0 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI immediately following the filename for (1) a GIF filename, which triggers display of the GIF file in text format and an unspecified denial of service (crash); or (2) the login.tri filename, which triggers a continuous loop of the browser attempting to visit the login page.

Vulnerable Systems


References

BUGTRAQ - 20070821 SIEMENS Gigaset SE361 router XSS

OSVDB - 45842

OSVDB - 45841

SREASON - 3050


Last Updated: 27 May 2016 10:45:53