Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3739

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3739
Last Modified 10 Oct 2008 02:01:35
Published 27 Aug 2008 04:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3739

Summary

Cross-site scripting (XSS) vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving upload of files containing XSS sequences.

Vulnerable Systems

Application

  • Spacetag Lacoodast 2.1.3

  • System Consultants La Cooda Wiz 1.4.0


References

XF - lacooda-unspecified-xss(44593)

CONFIRM - http://www.spacetag.jp/modules/products/index.php?id=54

BID - 30791

CONFIRM - http://wiz.syscon.co.jp/Details.htm

SECUNIA - 31582

SECUNIA - 31574

JVNDB - JVNDB-2008-000048

JVN - JVN#52557009

JVN - JVN#27417220


Last Updated: 27 May 2016 10:48:18