Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4024

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-4024
Last Modified 13 Feb 2012 11:09:35
Published 21 Oct 2011 02:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4024

Summary

Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Ocsinventory-ng Ocs Inventory Ng 1.0

  • Ocsinventory-ng Ocs Inventory Ng 1.01

  • Ocsinventory-ng Ocs Inventory Ng 1.02

  • Ocsinventory-ng Ocs Inventory Ng 1.02.1

  • Ocsinventory-ng Ocs Inventory Ng 2.0.1


References

CONFIRM - http://www.ocsinventory-ng.org/fr/accueil/nouvelles/version-2-0-2-stable.html

XF - ocsinventoryng-unspecified-xss(70406)

BID - 50011

EXPLOIT-DB - 18005

SECUNIA - 46311

OSVDB - 76135

SREASON - 8477


Last Updated: 27 May 2016 10:58:14