Lucene search
Gentoo FoundationMGASA-2014-0317HistoryAug 06, 2014 - 12:08 a.m.
Updated ocsinventory packages fix security vulnerability
2014-08-0600:08:48
Gentoo Foundation
advisories.mageia.org
7
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
42.8%
Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors (CVE-2014-4722). Also, the web interface has been fixed to work with Apache HTTPD 2.4.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | ocsinventory | < 2.0.5-2.2 | ocsinventory-2.0.5-2.2.mga3 |
| Mageia | 4 | noarch | ocsinventory | < 2.0.5-3.2 | ocsinventory-2.0.5-3.2.mga4 |
Related
openvas
openvas
Fedora Update for ocsinventory FEDORA-2014-8227
2014-07-21 00:00:00
Fedora Update for ocsinventory FEDORA-2014-8218
2014-07-21 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : ocsinventory (MDVSA-2014:156)
2014-08-08 00:00:00
Fedora 19 : ocsinventory-2.0.5-8.fc19 (2014-8218)
2014-07-21 00:00:00
Fedora 20 : ocsinventory-2.0.5-8.fc20 (2014-8227)
2014-07-21 00:00:00
ubuntucve
ubuntucve
CVE-2014-4722
2014-07-07 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: ocsinventory-2.0.5-8.fc20
2014-07-19 06:00:07
[SECURITY] Fedora 19 Update: ocsinventory-2.0.5-8.fc19
2014-07-19 06:02:34
debiancve
debiancve
CVE-2014-4722
2014-07-07 14:55:00
prion
prion
Cross site scripting
2014-07-07 14:55:00
securityvulns
securityvulns
[ MDVSA-2014:156 ] ocsinventory
2014-08-26 00:00:00
cve
cve
CVE-2014-4722
2014-07-07 14:55:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
42.8%
Related for MGASA-2014-0317