Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1696

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1696
Last Modified 21 Nov 2011 10:56:07
Published 07 Oct 2011 10:52:52
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1696

Summary

Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 692972.

Vulnerable Systems

Application

  • Novell Identity Manager Roles Based Provisioning Module 3.6.0

  • Novell Identity Manager Roles Based Provisioning Module 3.6.1

  • Novell Identity Manager Roles Based Provisioning Module 3.7.0

  • Novell Identity Manager Roles Based Provisioning Module 4.0.0

  • Novell Identity Manager User Application 3.5.0

  • Novell Identity Manager User Application 3.5.1

  • Novell Identity Manager User Application 3.6.0

  • Novell Identity Manager User Application 3.6.1

  • Novell Identity Manager User Application 3.7.0

  • Novell Identity Manager User Application 4.0.0


References

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=692972

SECTRACK - 1026138

BID - 49935

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112271.html

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112270.html

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112250.html

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5112230.html

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html

CONFIRM - http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111710.html


Last Updated: 27 May 2016 10:56:24