Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2672

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-2672
Last Modified 05 Oct 2011 10:50:23
Published 20 Sep 2011 06:55:04
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2672

Summary

Cross-site scripting (XSS) vulnerability in SemanticScuttle before 0.98 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Christian Weiske Semanticscuttle 0.85

  • Christian Weiske Semanticscuttle 0.86

  • Christian Weiske Semanticscuttle 0.87

  • Christian Weiske Semanticscuttle 0.88

  • Christian Weiske Semanticscuttle 0.89

  • Christian Weiske Semanticscuttle 0.90

  • Christian Weiske Semanticscuttle 0.91

  • Christian Weiske Semanticscuttle 0.92

  • Christian Weiske Semanticscuttle 0.93

  • Christian Weiske Semanticscuttle 0.94

  • Christian Weiske Semanticscuttle 0.95

  • Christian Weiske Semanticscuttle 0.96

  • Christian Weiske Semanticscuttle 0.97


References

MISC - http://sourceforge.net/projects/semanticscuttle/files/SemanticScuttle/v0.98/SemanticScuttle-0.98.0.zip/download

XF - semanticscuttle-bookmarks-xss(69900)

BID - 49661

SECUNIA - 46031

OSVDB - 75585

JVNDB - JVNDB-2011-000074

JVN - JVN#28973089


Last Updated: 27 May 2016 10:57:04