Lucene search

Japan Vulnerability NotesJVN:84376800

HistorySep 12, 2014 - 12:00 a.m.

JVN#84376800: Help Page in multiple Adobe products vulnerable to cross-site scripting

2014-09-1200:00:00

Japan Vulnerability Notes

jvn.jp

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.017 Low

EPSS

Percentile

88.0%

JSON

The Help page provided in multiple Adobe products contains a cross-site scripting vulnerability.

Impact

An arbitrary script may be executed on the user’s web browser.

Solution

Update the software
Update to the latest version of the product according to the information provided by the developer.

According to the developer, the Help pages available on the developer’s website were also affected by this vulnerability and fixed these pages as well.

Products Affected

Adobe Acrobat 9.5.2 and earlier
ColdFusion 8.0.1 and earlier

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.017 Low

EPSS

Percentile

88.0%

JSON

Related for JVN:84376800