Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3423

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-3423
Last Modified 29 Aug 2013 02:33:21
Published 19 Sep 2011 08:02:57
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3423

Summary

Cross-site scripting (XSS) vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Tibco Managed File Transfer Command Center 6.7

  • Tibco Managed File Transfer Command Center 7.0

  • Tibco Managed File Transfer Command Center 7.0.1

  • Tibco Managed File Transfer Command Center 7.1.0

  • Tibco Managed File Transfer Internet Server 6.7

  • Tibco Managed File Transfer Internet Server 7.0

  • Tibco Managed File Transfer Internet Server 7.0.1

  • Tibco Managed File Transfer Internet Server 7.1.0

  • Tibco Slingshot 1.8.0


References

XF - managed-file-unspecified-xss(69806)

CONFIRM - http://www.tibco.com/services/support/advisories/mft-slingshot-advisory_20110913.jsp

CONFIRM - http://www.tibco.com/multimedia/mft-slingshot_advisory_20110913_tcm8-14340.txt

BID - 49619

OSVDB - 75396

SECTRACK - 1026051

SECUNIA - 45976


Last Updated: 27 May 2016 10:57:42