Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1038

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1038
Last Modified 21 Sep 2011 11:29:23
Published 22 Feb 2011 02:00:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1038

Summary

Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO.

Vulnerable Systems

Application

  • Ibm Lotus Sametime 8.0.1


References

XF - sametime-stcenter-xss(65555)

BID - 46471

BUGTRAQ - 20110221 Domino Sametime Multiple Reflected Cross-Site Scripting

SREASON - 8100

SECUNIA - 43430


Last Updated: 27 May 2016 10:56:08