Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2907


Vulnerability Score 4.3 4.3
CVE Id CVE-2009-2907
Last Modified 25 Mar 2010 12:00:00
Published 24 Mar 2010 06:45:15
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Multiple cross-site scripting (XSS) vulnerabilities in SpringSource tc Server 6.0.20.B and earlier, Application Management Suite (AMS) before 2.0.0.SR4, Hyperic HQ Open Source before 4.2.x, Hyperic HQ 4.0 Enterprise before, and Hyperic HQ 4.1 Enterprise before allow remote attackers to inject arbitrary web script or HTML via the description field and unspecified "input fields."

Vulnerable Systems


  • Springsource Application Management Suite 2.0.0

  • Springsource Hyperic Hq 4.0.0

  • Springsource Hyperic Hq 4.1.0

  • Springsource Hyperic Hq 4.2

  • Springsource Tc Server 6.0.20



BID - 38913

Last Updated: 27 May 2016 10:51:04