Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5760

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-5760
Last Modified 26 Feb 2009 02:04:54
Published 30 Dec 2008 02:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5760

Summary

Cross-site scripting (XSS) vulnerability in error413.php in Kerio MailServer before 6.6.2 allows remote attackers to inject arbitrary web script or HTML via the sent parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Kerio Mailserver 5.0

  • Kerio Mailserver 5.1

  • Kerio Mailserver 5.1.1

  • Kerio Mailserver 5.6.3

  • Kerio Mailserver 5.6.4

  • Kerio Mailserver 5.6.5

  • Kerio Mailserver 5.7.0

  • Kerio Mailserver 5.7.1

  • Kerio Mailserver 5.7.10

  • Kerio Mailserver 5.7.2

  • Kerio Mailserver 5.7.3

  • Kerio Mailserver 5.7.4

  • Kerio Mailserver 5.7.5

  • Kerio Mailserver 5.7.6

  • Kerio Mailserver 5.7.7

  • Kerio Mailserver 5.7.8

  • Kerio Mailserver 5.7.9

  • Kerio Mailserver 6.0

  • Kerio Mailserver 6.0.0

  • Kerio Mailserver 6.0.1

  • Kerio Mailserver 6.0.10

  • Kerio Mailserver 6.0.2

  • Kerio Mailserver 6.0.3

  • Kerio Mailserver 6.0.4

  • Kerio Mailserver 6.0.5

  • Kerio Mailserver 6.0.6

  • Kerio Mailserver 6.0.7

  • Kerio Mailserver 6.0.8

  • Kerio Mailserver 6.0.9

  • Kerio Mailserver 6.1.1

  • Kerio Mailserver 6.1.2

  • Kerio Mailserver 6.1.3

  • Kerio Mailserver 6.1.3 Patch 1

  • Kerio Mailserver 6.1.4

  • Kerio Mailserver 6.2.0

  • Kerio Mailserver 6.2.1

  • Kerio Mailserver 6.2.2

  • Kerio Mailserver 6.3.0

  • Kerio Mailserver 6.3.1

  • Kerio Mailserver 6.3.1 P1

  • Kerio Mailserver 6.3.1 P2

  • Kerio Mailserver 6.4.0

  • Kerio Mailserver 6.4.1

  • Kerio Mailserver 6.4.2

  • Kerio Mailserver 6.5.0

  • Kerio Mailserver 6.5.1

  • Kerio Mailserver 6.5.2

  • Kerio Mailserver 6.6.0

  • Kerio Mailserver 6.6.1


References

BID - 32863

XF - mailserver-error413-xss(47398)

VUPEN - ADV-2008-3442

CONFIRM - http://www.kerio.com/security_advisory.html

CONFIRM - http://www.kerio.com/kms_history.html

SECUNIA - 32955


Last Updated: 27 May 2016 10:48:54