Lucene search

[email protected]CVE-2009-3105

HistorySep 08, 2009 - 10:30 p.m.

CVE-2009-3105

2009-09-0822:30:00

CWE-79

[email protected]

web.nvd.nist.gov

ibm

lotus

inotes

xss

vulnerability

security

ibm lotus

domino web access

dwa

nvd

6.2 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

64.8%

JSON

Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC.

CPENameOperatorVersion
ibm:domino_web_accessibm domino web accesseq8.0.1

CPE	Name	Operator	Version
ibm:domino_web_access	ibm domino web access	eq	8.0.1

References

secunia.com/advisories/36626

www-01.ibm.com/support/docview.wss?uid=swg27016745

www.securityfocus.com/bid/36292

www.vupen.com/english/advisories/2009/2557

exchange.xforce.ibmcloud.com/vulnerabilities/53086

6.2 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

64.8%

JSON

Related for CVE-2009-3105

prion1 cvelist1