Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5161

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5161
Last Modified 07 Mar 2011 10:00:11
Published 01 Oct 2007 01:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5161

Summary

Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a WordPress blog update. NOTE: this was originally reported as XSS.

Vulnerable Systems

Application

  • I-systems Inc. Feedreader 3.10


References

XF - feedreader3-rssfeed-xss(36863)

VUPEN - ADV-2007-3316

BID - 25849

BUGTRAQ - 20070930 RE: feedreader3 has XSS vulnerability

BUGTRAQ - 20070928 feedreader3 has XSS vulnerability

SREASON - 3183

SECUNIA - 26996

OSVDB - 37409

FULLDISC - 20070930 Re: [Full-disclosure] feedreader3 has XSS vulnerability


Last Updated: 27 May 2016 10:46:06