Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7017

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-7017
Last Modified 21 Aug 2009 12:00:00
Published 21 Aug 2009 10:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-7017

Summary

Cross-site scripting (XSS) vulnerability in analyse.php in CAcert 20080921, and possibly other versions before 20080928, allows remote attackers to inject arbitrary web script or HTML via the CN (CommonName) field in the subject of an X.509 certificate.

Vulnerable Systems

Application

  • Cacert 20080921


References

XF - cacert-analyse-xss(45515)

BID - 31481

MISC - http://www.cynops.de/advisories/AKLINK-SA-2008-007.txt


Last Updated: 27 May 2016 10:49:26