Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5472

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5472
Last Modified 07 Mar 2011 10:00:45
Published 22 Oct 2007 03:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5472

Summary

Cross-site scripting (XSS) vulnerability in the Server component in CA Host-Based Intrusion Prevention System (HIPS) before 8.0.0.93 allows remote attackers to inject arbitrary web script or HTML via requests that are written to logs for later display in the log viewer.

Vulnerable Systems

Application

  • Ca Host-based Intrusion Prevention System 8


References

CONFIRM - http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp

SECUNIA - 27301

VUPEN - ADV-2007-3547

OSVDB - 37998

XF - ca-hips-log-xss(37285)

BID - 26134

BUGTRAQ - 20071019 [CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability

SECTRACK - 1018839


Last Updated: 27 May 2016 10:46:10