Lucene search
Japan Vulnerability NotesJVN:89613370HistoryDec 09, 2014 - 12:00 a.m.
JVN#89613370: i-HTTPD vulnerable to cross-site scripting
2014-12-0900:00:00
Japan Vulnerability Notes
jvn.jp
20
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
56.7%
i-HTTPD is a web server for Windows. i-HTTPD contains a flaw in generating a directory index page, which may lead to a cross-site scripting (CWE-79).
Impact
An arbitrary script may be executed on the user’s web browser.
Solution
Do not use i-HTTPD
i-HTTPD is no longer being developed or maintained. It is recommended to stop using i-HTTPD.
Products Affected
- i-HTTPD
Related
nvd
nvd
CVE-2014-7263
2014-12-12 00:59:03
CVE-2014-7261
2014-12-12 00:59:01
prion
prion
Cross site scripting
2014-12-12 00:59:00
Cross site scripting
2014-12-12 00:59:00
cve
cve
CVE-2014-7261
2014-12-12 00:59:01
CVE-2014-7263
2014-12-12 00:59:03
cvelist
cvelist
CVE-2014-7263
2014-12-12 00:00:00
CVE-2014-7261
2014-12-12 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
56.7%
Related for JVN:89613370