Lucene search

[email protected]NVD:CVE-2003-0992

HistoryFeb 17, 2004 - 5:00 a.m.

CVE-2003-0992

2004-02-1705:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

71.3%

JSON

Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users.

Affected configurations

Nvd

Node

gnumailmanRange≤2.1.3

VendorProductVersionCPE
gnumailman*cpe:2.3:a:gnu:mailman:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gnu	mailman	*	cpe:2.3:a:gnu:mailman::::::::

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842

mail.python.org/pipermail/mailman-announce/2003-September/000061.html

www.mandriva.com/security/advisories?name=MDKSA-2004:013

www.redhat.com/support/errata/RHSA-2004-020.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A815

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

71.3%

JSON

Related for NVD:CVE-2003-0992

cvelist1 nessus3 openvas2 freebsd1 debiancve1 cve1