Lucene search

[email protected]CVE-2004-1690

HistoryFeb 20, 2005 - 5:00 a.m.

CVE-2004-1690

2005-02-2005:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1690

cross-site scripting

xss

web server

dns4me

vulnerability

security

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.9%

JSON

Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL.

Affected configurations

NVD

Node

rhinosoftdns4meMatch3.0.0.4

CPENameOperatorVersion
rhinosoft:dns4merhinosoft dns4meeq3.0.0.4

CPE	Name	Operator	Version
rhinosoft:dns4me	rhinosoft dns4me	eq	3.0.0.4

References

marc.info/?l=bugtraq&m=109552436811493&w=2

secunia.com/advisories/12595

securitytracker.com/id?1011334

www.gulftech.org/?node=research&article_id=00049-09162004

www.securityfocus.com/bid/11213

exchange.xforce.ibmcloud.com/vulnerabilities/17425

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.9%

JSON

Related for CVE-2004-1690

cvelist1 nvd1