Lucene search

[email protected]CVE-2008-0643

HistoryMar 12, 2008 - 12:44 a.m.

CVE-2008-0643

2008-03-1200:44:00

CWE-79

[email protected]

web.nvd.nist.gov

cve

adobe

coldfusion

xss

vulnerability

web script

html

remote attackers

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.4%

JSON

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

adobecoldfusionMatch7.0

adobecoldfusionMatch7.0.1

adobecoldfusionMatch7.0.2

adobecoldfusionMatch8.0

CPENameOperatorVersion
adobe:coldfusionadobe coldfusioneq7.0
adobe:coldfusionadobe coldfusioneq7.0.1
adobe:coldfusionadobe coldfusioneq7.0.2
adobe:coldfusionadobe coldfusioneq8.0

CPE	Name	Operator	Version
adobe:coldfusion	adobe coldfusion	eq	7.0
adobe:coldfusion	adobe coldfusion	eq	7.0.1
adobe:coldfusion	adobe coldfusion	eq	7.0.2
adobe:coldfusion	adobe coldfusion	eq	8.0

References

secunia.com/advisories/29332

www.adobe.com/support/security/bulletins/apsb08-06.html

www.securityfocus.com/bid/28205

www.securitytracker.com/id?1019589

www.vupen.com/english/advisories/2008/0862/references

exchange.xforce.ibmcloud.com/vulnerabilities/41144

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.4%

JSON

Related for CVE-2008-0643

cvelist1 nvd1 prion1 seebug1