Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2907

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-2907
Last Modified 25 Mar 2010 12:00:00
Published 24 Mar 2010 06:45:15
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-2907

Summary

Multiple cross-site scripting (XSS) vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite (AMS) before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic HQ 4.0 Enterprise before 4.0.3.2, and Hyperic HQ 4.1 Enterprise before 4.1.2.1 allow remote attackers to inject arbitrary web script or HTML via the description field and unspecified "input fields."

Vulnerable Systems

Application

  • Springsource Application Management Suite 2.0.0

  • Springsource Hyperic Hq 4.0.0

  • Springsource Hyperic Hq 4.1.0

  • Springsource Hyperic Hq 4.2

  • Springsource Tc Server 6.0.20


References

CONFIRM - http://www.springsource.com/security/cve-2009-2907

BID - 38913


Last Updated: 27 May 2016 10:51:04