Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1102

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1102
Last Modified 10 Mar 2011 10:51:18
Published 25 Feb 2011 02:00:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1102

Summary

Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • F-secure Policy Manager 7.00

  • F-secure Policy Manager 8.00

  • F-secure Policy Manager 8.10

  • F-secure Policy Manager 8.11

  • F-secure Policy Manager 9.00


References

CONFIRM - http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2011-2.html

XF - fsecure-webreporting-xss(65665)

VUPEN - ADV-2011-0509

SECTRACK - 1025124

BID - 46547

SECUNIA - 43049


Last Updated: 27 May 2016 10:56:09