Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3730

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3730
Last Modified 18 Mar 2009 01:41:05
Published 20 Aug 2008 12:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3730

Summary

Cross-site scripting (XSS) vulnerability in Nordicwind Document Management System (NOAH) before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Nordicwind Document Management System 1.5.0

  • Nordicwind Document Management System 1.5.0b

  • Nordicwind Document Management System 1.5.1

  • Nordicwind Document Management System 1.5.2

  • Nordicwind Document Management System 1.5.3

  • Nordicwind Document Management System 1.5.4

  • Nordicwind Document Management System 1.5.5

  • Nordicwind Document Management System 2.0.1

  • Nordicwind Document Management System 2.1.1

  • Nordicwind Document Management System 2.1.3

  • Nordicwind Document Management System 2.1.4

  • Nordicwind Document Management System 2.1.5

  • Nordicwind Document Management System 2.1.6

  • Nordicwind Document Management System 2.2.1

  • Nordicwind Document Management System 3.1.1

  • Nordicwind Document Management System 3.1.3

  • Nordicwind Document Management System 3.2.1

  • Nordicwind Noah 1.5.0

  • Nordicwind Noah 1.5.0b

  • Nordicwind Noah 1.5.1

  • Nordicwind Noah 1.5.2

  • Nordicwind Noah 1.5.3

  • Nordicwind Noah 1.5.4

  • Nordicwind Noah 1.5.5

  • Nordicwind Noah 2.0.1

  • Nordicwind Noah 2.1.1

  • Nordicwind Noah 2.1.3

  • Nordicwind Noah 2.1.4

  • Nordicwind Noah 2.1.5

  • Nordicwind Noah 2.1.6

  • Nordicwind Noah 2.2.1

  • Nordicwind Noah 3.1.1

  • Nordicwind Noah 3.1.3

  • Nordicwind Noah 3.2.1


References

XF - noah-unspecified-xss(44535)

BID - 30747

CONFIRM - http://www.nordicwind.ca/noah/bugs/inputval.html

SECUNIA - 31543

OSVDB - 47558


Last Updated: 27 May 2016 10:48:16