Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1037

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-1037
Last Modified 05 Sep 2008 05:36:38
Published 27 Feb 2008 02:44:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1037

Summary

Cross-site scripting (XSS) vulnerability in the file listing function in the web management interface in Packeteer PacketShaper and PolicyCenter 8.2.2 allows remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component, which triggers injection into an Error Report page.

Vulnerable Systems

Application

  • Packeteer Packetshaper 8.2.2

  • Packeteer Policycenter 8.2.2


References

BID - 27982

BUGTRAQ - 20080224 Packeteer Products File Listing XSS

SECTRACK - 1019501

SREASON - 3701

SECUNIA - 29119


Last Updated: 27 May 2016 10:47:01