Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5095

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-5095
Last Modified 30 Oct 2012 11:06:47
Published 14 Nov 2008 02:20:54
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5095

Summary

Cross-site scripting (XSS) vulnerability in the Novell User Application 3.0.1, 3.5.0, and 3.5.1; and Identity Manager Roles Based Provisioning Module 3.6.0 and 3.6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Vulnerable Systems

Application

  • Novell Identity Manager Roles Based Provisioning Module 3.6.0

  • Novell Identity Manager Roles Based Provisioning Module 3.6.1

  • Novell User Application 3.0.1

  • Novell User Application 3.5.0

  • Novell User Application 3.5.1


References

SECTRACK - 1020793

SECTRACK - 1020792

CONFIRM - http://www.novell.com/support/viewContent.do?externalId=7001157&sliceId=1

BID - 30947


Last Updated: 27 May 2016 10:49:47