Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3714

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3714
Last Modified 07 Mar 2011 10:11:13
Published 19 Aug 2008 03:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3714

Summary

Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the query_string, a different vulnerability than CVE-2006-3681 and CVE-2006-1945.

Vulnerable Systems

Application

  • Awstats 6.8


References

FEDORA - FEDORA-2008-7684

FEDORA - FEDORA-2008-7663

XF - awstats-awstats-xss(44504)

VUPEN - ADV-2008-2399

UBUNTU - USN-686-1

SECTRACK - 1020704

BID - 30730

MANDRIVA - MDVSA-2008:203

DEBIAN - DSA-1679

CONFIRM - http://sourceforge.net/tracker/index.php?func=detail&aid=2001151&group_id=13764&atid=113764

SECUNIA - 33002

SECUNIA - 32939

SECUNIA - 31759

SECUNIA - 31519

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495432

CONFIRM - http://awstats.sourceforge.net/docs/awstats_changelog.txt


Last Updated: 27 May 2016 10:48:16