Lucene search
Japan Vulnerability NotesJVN:87910097HistoryDec 09, 2014 - 12:00 a.m.
JVN#87910097: i-HTTPD vulnerable to cross-site scripting
2014-12-0900:00:00
Japan Vulnerability Notes
jvn.jp
18
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
69.8%
i-HTTPD is a web server for Windows. i-HTTPD contains a flaw in processing HTTP header, which may lead to cross-site scripting (CWE-79).
Impact
An arbitrary script may be executed on the user’s web browser.
Solution
Do not use i-HTTPD
i-HTTPD is no longer being developed or maintained. It is recommended to stop using i-HTTPD.
Products Affected
- i-HTTPD
Related
cvelist
cvelist
CVE-2014-7261
2014-12-12 00:00:00
CVE-2014-7263
2014-12-12 00:00:00
nvd
nvd
CVE-2014-7261
2014-12-12 00:59:01
CVE-2014-7263
2014-12-12 00:59:03
prion
prion
Cross site scripting
2014-12-12 00:59:00
Cross site scripting
2014-12-12 00:59:00
cve
cve
CVE-2014-7263
2014-12-12 00:59:03
CVE-2014-7261
2014-12-12 00:59:01
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
69.8%
Related for JVN:87910097