Lucene search

[email protected]CVE-2007-4142

HistoryAug 03, 2007 - 8:17 p.m.

CVE-2007-4142

2007-08-0320:17:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

ibm

lotus

sametime

server

7.5.1

xss

vulnerability

web script

html

remote attackers

nvd

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.9%

JSON

Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 before 20070731 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a crafted Sametime meeting.

CPENameOperatorVersion
ibm:lotus_sametimeibm lotus sametimele7.5

CPE	Name	Operator	Version
ibm:lotus_sametime	ibm lotus sametime	le	7.5

References

osvdb.org/36462

secunia.com/advisories/26302

www-1.ibm.com/support/docview.wss?uid=swg21266789

www.securityfocus.com/bid/25167

www.securitytracker.com/id?1018502

www.vupen.com/english/advisories/2007/2734

exchange.xforce.ibmcloud.com/vulnerabilities/35731

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.9%

JSON

Related for CVE-2007-4142

cvelist1 prion1