Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0917

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-0917
Last Modified 05 Sep 2008 05:36:20
Published 22 Feb 2008 06:44:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0917

Summary

Cross-site scripting (XSS) vulnerability in Tor World Tor Search 1.1 and earlier, I-Navigator 4.0, Mobile Frontier 2.1 and earlier, Diary.cgi (aka Quotes of the Day) 1.5 and earlier, Tor News 1.21 and earlier, Simple BBS 1.3 and earlier, Interactive BBS 1.3 and earlier, Tor Board 1.1 and earlier, Simple Vote 1.1 and earlier, and Com Vote 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Tor World Com Vote 1.2

  • Tor World I-navigator 4.0

  • Tor World Interactive Bbs 1.3

  • Tor World Mobile Frontier 2.1

  • Tor World Quotes Of The Day 1.5

  • Tor World Simple Bbs 1.3

  • Tor World Simple Vote 1.1

  • Tor World Tor Board 1.1

  • Tor World Tor News 1.21

  • Tor World Tor Search 1.1


References

BID - 27919

SECUNIA - 29039

JVN - JVN#54593414

CONFIRM - http://download.torworld.com/bug/20080221.html


Last Updated: 27 May 2016 10:46:58