Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6460

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-6460
Last Modified 05 Sep 2008 05:33:17
Published 19 Dec 2007 07:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6460

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server before 0.101 allow remote attackers to inject arbitrary web script or HTML via the URI, which is later displayed by (1) log.php or (2) logerror.php, a different vulnerability than CVE-2007-6459.

Vulnerable Systems

Application

  • Anon Proxy Server 0.101


References

CONFIRM - http://sourceforge.net/forum/forum.php?forum_id=761265

CONFIRM - http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/logerror.php?r1=245&r2=325

CONFIRM - http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/log.php?r1=284&r2=325

CONFIRM - http://anonproxyserver.svn.sourceforge.net/viewvc/anonproxyserver/trunk/anon_proxy_server/


Last Updated: 27 May 2016 10:46:30