Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2575

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-2575
Last Modified 18 Sep 2012 12:00:00
Published 17 Sep 2012 10:55:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-2575

Summary

Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 6.0a4 allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IFRAME element in the body of an HTML e-mail message.

Vulnerable Systems

Application

  • Netwin Surgemail 6.0


References

EXPLOIT-DB - 20363


Last Updated: 27 May 2016 11:00:42