Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0312

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-0312
Last Modified 06 Feb 2012 12:00:00
Published 26 Jan 2012 10:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0312

Summary

Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9, and osCommerce Online Merchant before 2.3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Oscommerce 2.2ms1j-r1

  • Oscommerce 2.2ms1j-r2

  • Oscommerce 2.2ms1j-r3

  • Oscommerce 2.2ms1j-r4

  • Oscommerce 2.2ms1j-r5

  • Oscommerce 2.2ms1j-r6a

  • Oscommerce 2.2ms1j-r7

  • Oscommerce 2.2ms1j-r8

  • Oscommerce Online Merchant 2.2

  • Oscommerce Online Merchant 2.3.0


References

CONFIRM - http://sourceforge.jp/forum/forum.php?forum_id=28119

JVNDB - JVNDB-2012-000005

JVN - JVN#64386898


Last Updated: 27 May 2016 10:58:07