Lucene search

[email protected]CVE-2005-2982

HistorySep 20, 2005 - 12:03 a.m.

CVE-2005-2982

2005-09-2000:03:00

[email protected]

web.nvd.nist.gov

cve

2005

2982

cross-site scripting

xss

compaqhttpserver

remote attackers

web script

html

url

404 error page

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.9%

JSON

Cross-site scripting (XSS) vulnerability in CompaqHTTPServer 2.1 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting 404 error page.

Affected configurations

NVD

Node

compaqcompaqhttpserverMatch2.1

CPENameOperatorVersion
compaq:compaqhttpservercompaq compaqhttpservereq2.1

CPE	Name	Operator	Version
compaq:compaqhttpserver	compaq compaqhttpserver	eq	2.1

References

marc.info/?l=bugtraq&m=112680922318639&w=2

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.9%

JSON

Related for CVE-2005-2982

nvd1 cvelist1