Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3161

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3161
Last Modified 19 Aug 2009 01:16:59
Published 14 Jul 2008 02:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3161

Summary

Multiple cross-site scripting (XSS) vulnerabilities in jsp/common/system/debug.jsp in IBM Maximo 4.1 and 5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Accept, (2) Accept-Language, (3) UA-CPU, (4) Accept-Encoding, (5) User-Agent, or (6) Cookie HTTP header. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems

Application

  • Ibm Maximo 4.1

  • Ibm Maximo 5.2


References

XF - ibm-maximo-debug-xss(43730)

BID - 30180


Last Updated: 27 May 2016 10:48:06