Lucene search

[email protected]CVE-2011-1976

HistoryAug 10, 2011 - 9:55 p.m.

CVE-2011-1976

2011-08-1021:55:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2011-1976

cross-site scripting

xss

report viewer control

microsoft visual studio 2005 sp1

report viewer 2005 sp1

nvd

5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.927 High

EPSS

Percentile

99.0%

JSON

Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka “Report Viewer Controls XSS Vulnerability.”

CPENameOperatorVersion
microsoft:visual_studiomicrosoft visual studioeq2005
microsoft:report_viewermicrosoft report viewereq2005

CPE	Name	Operator	Version
microsoft:visual_studio	microsoft visual studio	eq	2005
microsoft:report_viewer	microsoft report viewer	eq	2005

References

marc.info/?l=bugtraq&m=145326307707460&w=2

www.securityfocus.com/bid/49033

www.us-cert.gov/cas/techalerts/TA11-221A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-067

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04945270

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12773

5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.927 High

EPSS

Percentile

99.0%

JSON

Related for CVE-2011-1976

checkpoint_advisories1 mskb1 openvas2 prion1 nessus1 securityvulns2 packetstorm1