Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3343

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-3343
Last Modified 11 Jun 2012 12:00:00
Published 08 Jun 2012 08:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3343

Summary

Cross-site request forgery (CSRF) vulnerability in Microdasys before 3.5.1-B708, as used in Bloxx Web Filtering before 5.0.14 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that trigger error pages containing XSS sequences, a different vulnerability than CVE-2012-2564.

Vulnerable Systems

Application

  • Bloxx Web Filtering 5.0.13


References

CERT-VN - VU#722963

CONFIRM - http://www.kb.cert.org/vuls/id/MAPG-8R9LBY


Last Updated: 27 May 2016 10:49:37