Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5949

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2007-5949
Last Modified 07 Mar 2011 10:01:33
Published 13 Nov 2007 08:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2007-5949

Summary

Cross-site scripting (XSS) vulnerability in IBM Tivoli Service Desk 6.2 allows remote authenticated users to inject arbitrary web script or HTML via the Description parameter in a Maximo change action.

Vulnerable Systems

Application

  • Ibm Tivoli Service Desk 6.2


References

XF - ibm-maximo-description-xss(38214)

VUPEN - ADV-2007-3709

BID - 26305

AIXAPAR - IZ06387

SECUNIA - 27472

OSVDB - 38394


Last Updated: 27 May 2016 10:46:20