Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2005-4831
HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-4831

2005-12-3105:00:00
[email protected]
web.nvd.nist.gov
11

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.006

Percentile

78.6%

JSON

viewcvs in ViewCVS 0.9.2 allows remote attackers to set the Content-Type header to arbitrary values via the content-type parameter, which can be leveraged for cross-site scripting (XSS) and other attacks, as demonstrated using (1) “text/html”, or (2) “image/jpeg” with an image that is rendered as HTML by Internet Explorer, a different vulnerability than CVE-2004-1062. NOTE: it was later reported that 0.9.4 is also affected.

Affected configurations

Nvd
Node
viewcvsviewcvsMatch0.9.2

Related

cvelist 2
cve 2
debiancve 1
nessus 2
ubuntucve 1
securityvulns 2
nvd 1
openvas 2
gentoo 1
cvelist
cvelist
CVE-2005-4831
2007-03-03 19:00:00
CVE-2004-1062
2004-12-31 05:00:00
cve
cve
CVE-2005-4831
2007-03-03 19:00:00
CVE-2004-1062
2004-12-31 05:00:00
debiancve
debiancve
CVE-2005-4831
2007-03-03 19:00:00
nessus
nessus
ViewCVS < 1.0.0 Multiple Vulnerabilities
2004-12-28 00:00:00
GLSA-200412-26 : ViewCVS: Information leak and XSS vulnerabilities
2004-12-28 00:00:00
ubuntucve
ubuntucve
CVE-2004-1062
2004-12-28 00:00:00
securityvulns
securityvulns
ViewCVS 0.9.4 issues
2007-02-27 00:00:00
Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2007-03-28 00:00:00
nvd
nvd
CVE-2004-1062
2004-12-28 05:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200412-26 (ViewCVS)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200412-26 (ViewCVS)
2008-09-24 00:00:00
gentoo
gentoo
ViewCVS: Information leak and XSS vulnerabilities
2004-12-28 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.006

Percentile

78.6%

JSON
Related for NVD:CVE-2005-4831
cvelist2cve2debiancve1nessus2ubuntucve1securityvulns2nvd1openvas2gentoo1