Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2507

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-2507
Last Modified 27 Nov 2008 01:38:36
Published 29 May 2008 07:32:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2507

Summary

Cross-site scripting (XSS) vulnerability in Calcium40.pl in Brown Bear Software Calcium 3.10 and 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the CalendarName parameter in a ShowIt action.

Vulnerable Systems

Application

  • Brown Bear Software Calcium 3.10

  • Brown Bear Software Calcium 4.0.4


References

XF - calcium-calcium40-xss(42704)

BID - 29411

BUGTRAQ - 20080528 Calcium web calendar: Reflected XSS

SECUNIA - 30431


Last Updated: 27 May 2016 10:47:53