Lucene search
Japan Vulnerability NotesJVN:45389864HistoryJun 19, 2008 - 12:00 a.m.
JVN#45389864 CGIWrap error page cross-site scripting vulnerability
2008-06-1900:00:00
Japan Vulnerability Notes
jvn.jp
19
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
65.6%
CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms on the web server. CGIWrap contains a cross-site scripting vulnerability as it does not specify charset in the error page.
Impact
An arbitrary script may be executed on the user’s web browser.
Solution
Update the Software
Apply the latest update provided by the developer.
Products Affected
- CGIWrap 4.0 and earlier
Related
freebsd
freebsd
cgiwrap -- XSS Vulnerability
2008-06-19 00:00:00
openvas
openvas
FreeBSD Ports: cgiwrap
2009-01-20 00:00:00
FreeBSD Ports: cgiwrap
2009-01-20 00:00:00
prion
prion
Cross site scripting
2008-06-25 12:36:00
cve
cve
CVE-2008-2852
2008-06-25 12:36:00
nessus
nessus
CGIWrap Charset Specification Weakness Error Message XSS
2008-06-30 00:00:00
nvd
nvd
CVE-2008-2852
2008-06-25 12:36:00
cvelist
cvelist
CVE-2008-2852
2008-06-25 10:00:00
ubuntucve
ubuntucve
CVE-2008-2852
2008-06-25 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
65.6%
Related for JVN:45389864