Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2161

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-2161
Last Modified 20 Jun 2012 12:00:00
Published 20 Jun 2012 06:27:28
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-2161

Summary

Cross-site scripting (XSS) vulnerability in deferredView.jsp in IBM Eclipse Help System (IEHS), as used in IBM Security AppScan Source 7.x and 8.x before 8.6 and IBM SPSS Data Collection Developer Library 6.0 and 6.0.1, allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Vulnerable Systems

Application

  • Ibm Security Appscan Source 7.0

  • Ibm Security Appscan Source 8.0

  • Ibm Security Appscan Source 8.0.0.1

  • Ibm Security Appscan Source 8.0.0.2

  • Ibm Security Appscan Source 8.5

  • Ibm Security Appscan Source 8.5.0.1

  • Ibm Spss Data Collection 6.0

  • Ibm Spss Data Collection 6.0.1


References

XF - iehs-multiple-xss(74833)

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21598423

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21596690


Last Updated: 27 May 2016 10:56:32