Lucene search
HistoryAug 15, 2012 - 8:55 p.m.
CVE-2012-4037
cve
2012
4037
xss
vulnerabilities
transmission
web client
nvd
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.5%
Multiple cross-site scripting (XSS) vulnerabilities in the web client in Transmission before 2.61 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) created by, or (3) name field in a torrent file.
Affected configurations
Node
transmissionbttransmissionRange≤2.60
ORtransmissionbttransmissionMatch0.1
ORtransmissionbttransmissionMatch0.2
ORtransmissionbttransmissionMatch0.3
ORtransmissionbttransmissionMatch0.4
ORtransmissionbttransmissionMatch0.5
ORtransmissionbttransmissionMatch0.6
ORtransmissionbttransmissionMatch0.6.1
ORtransmissionbttransmissionMatch0.70
ORtransmissionbttransmissionMatch0.71
ORtransmissionbttransmissionMatch0.72
ORtransmissionbttransmissionMatch0.80
ORtransmissionbttransmissionMatch0.81
ORtransmissionbttransmissionMatch0.82
ORtransmissionbttransmissionMatch0.90
ORtransmissionbttransmissionMatch0.91
ORtransmissionbttransmissionMatch0.92
ORtransmissionbttransmissionMatch0.93
ORtransmissionbttransmissionMatch0.94
ORtransmissionbttransmissionMatch0.95
ORtransmissionbttransmissionMatch0.96
ORtransmissionbttransmissionMatch1.00
ORtransmissionbttransmissionMatch1.01
ORtransmissionbttransmissionMatch1.02
ORtransmissionbttransmissionMatch1.2
ORtransmissionbttransmissionMatch1.03
ORtransmissionbttransmissionMatch1.04
ORtransmissionbttransmissionMatch1.05
ORtransmissionbttransmissionMatch1.06
ORtransmissionbttransmissionMatch1.10
ORtransmissionbttransmissionMatch1.11
ORtransmissionbttransmissionMatch1.20
ORtransmissionbttransmissionMatch1.21
ORtransmissionbttransmissionMatch1.22
ORtransmissionbttransmissionMatch1.30
ORtransmissionbttransmissionMatch1.31
ORtransmissionbttransmissionMatch1.32
ORtransmissionbttransmissionMatch1.33
ORtransmissionbttransmissionMatch1.34
ORtransmissionbttransmissionMatch1.40
ORtransmissionbttransmissionMatch1.41
ORtransmissionbttransmissionMatch1.42
ORtransmissionbttransmissionMatch1.50
ORtransmissionbttransmissionMatch1.51
ORtransmissionbttransmissionMatch1.52
ORtransmissionbttransmissionMatch1.53
ORtransmissionbttransmissionMatch1.54
ORtransmissionbttransmissionMatch1.60
ORtransmissionbttransmissionMatch1.61
ORtransmissionbttransmissionMatch1.70
ORtransmissionbttransmissionMatch1.71
ORtransmissionbttransmissionMatch1.72
ORtransmissionbttransmissionMatch1.73
ORtransmissionbttransmissionMatch1.74
ORtransmissionbttransmissionMatch1.75
ORtransmissionbttransmissionMatch1.76
ORtransmissionbttransmissionMatch1.77
ORtransmissionbttransmissionMatch1.80
ORtransmissionbttransmissionMatch1.81
ORtransmissionbttransmissionMatch1.82
ORtransmissionbttransmissionMatch1.83
ORtransmissionbttransmissionMatch1.90
ORtransmissionbttransmissionMatch1.91
ORtransmissionbttransmissionMatch1.92
ORtransmissionbttransmissionMatch1.93
ORtransmissionbttransmissionMatch2.00
ORtransmissionbttransmissionMatch2.01
ORtransmissionbttransmissionMatch2.02
ORtransmissionbttransmissionMatch2.03
ORtransmissionbttransmissionMatch2.04
ORtransmissionbttransmissionMatch2.10
ORtransmissionbttransmissionMatch2.11
ORtransmissionbttransmissionMatch2.12
ORtransmissionbttransmissionMatch2.13
ORtransmissionbttransmissionMatch2.20
ORtransmissionbttransmissionMatch2.21
ORtransmissionbttransmissionMatch2.22
ORtransmissionbttransmissionMatch2.30
ORtransmissionbttransmissionMatch2.31
ORtransmissionbttransmissionMatch2.32
ORtransmissionbttransmissionMatch2.33
ORtransmissionbttransmissionMatch2.40
ORtransmissionbttransmissionMatch2.41
ORtransmissionbttransmissionMatch2.42
ORtransmissionbttransmissionMatch2.50
ORtransmissionbttransmissionMatch2.51
ORtransmissionbttransmissionMatch2.52
Related
ubuntu
ubuntu
Transmission vulnerability
2012-09-26 00:00:00
ubuntucve
ubuntucve
CVE-2012-4037
2012-08-15 00:00:00
packetstorm
packetstorm
Transmission BitTorrent Cross Site Scripting
2012-07-28 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1584-1)
2012-09-27 00:00:00
Ubuntu Update for transmission USN-1584-1
2012-09-27 00:00:00
debiancve
debiancve
CVE-2012-4037
2012-08-15 20:55:03
nvd
nvd
CVE-2012-4037
2012-08-15 20:55:03
securityvulns
securityvulns
Transmission crossite scripting
2012-10-01 00:00:00
[USN-1584-1]Transmission vulnerability
2012-10-01 00:00:00
prion
prion
Cross site scripting
2012-08-15 20:55:00
nessus
nessus
Ubuntu 12.04 LTS : transmission vulnerability (USN-1584-1)
2012-09-27 00:00:00
cvelist
cvelist
CVE-2012-4037
2012-08-15 20:00:00
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.5%
Related for CVE-2012-4037