Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5647

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-5647
Last Modified 07 Mar 2011 10:14:53
Published 17 Dec 2008 01:30:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5647

Summary

Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attackers to conduct phishing attacks via unknown attack vectors.

Vulnerable Systems

Application

  • Trac

  • Trac 0.10

  • Trac 0.10.1

  • Trac 0.10.2

  • Trac 0.10.3

  • Trac 0.10.3.1

  • Trac 0.10.4

  • Trac 0.10.5

  • Trac 0.11

  • Trac 0.11.2

  • Trac 0.11.2.1

  • Trac 0.5

  • Trac 0.5.1

  • Trac 0.5.2

  • Trac 0.6

  • Trac 0.6.1

  • Trac 0.7

  • Trac 0.7.1

  • Trac 0.8

  • Trac 0.8.1

  • Trac 0.8.2

  • Trac 0.8.3

  • Trac 0.8.4

  • Trac 0.9

  • Trac 0.9.1

  • Trac 0.9.2

  • Trac 0.9.3

  • Trac 0.9.4

  • Trac 0.9.5

  • Trac 0.9.6


References

XF - trac-html-sanitizer-phishing(46491)

VUPEN - ADV-2008-3080

BID - 32226

CONFIRM - http://trac.edgewall.org/wiki/ChangeLog

SECUNIA - 32652


Last Updated: 27 May 2016 10:48:52