Lucene search

[email protected]NVD:CVE-2010-4146

HistoryNov 02, 2010 - 2:26 a.m.

CVE-2010-4146

2010-11-0202:26:22

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

65.5%

JSON

Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.569 and earlier), 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

attachmatereflection_for_the_webRange≤9.6

attachmatereflection_for_the_webRange≤2008r2

attachmatereflection_for_the_webMatch8.0

attachmatereflection_for_the_webMatch9.0

attachmatereflection_for_the_webMatch9.01

attachmatereflection_for_the_webMatch9.5

attachmatereflection_for_the_webMatch2008r1

VendorProductVersionCPE
attachmatereflection_for_the_web*cpe:2.3:a:attachmate:reflection_for_the_web:*:*:*:*:*:*:*:*
attachmatereflection_for_the_web*cpe:2.3:a:attachmate:reflection_for_the_web:*:r2:*:*:*:*:*:*
attachmatereflection_for_the_web8.0cpe:2.3:a:attachmate:reflection_for_the_web:8.0:*:*:*:*:*:*:*
attachmatereflection_for_the_web9.0cpe:2.3:a:attachmate:reflection_for_the_web:9.0:*:*:*:*:*:*:*
attachmatereflection_for_the_web9.01cpe:2.3:a:attachmate:reflection_for_the_web:9.01:*:*:*:*:*:*:*
attachmatereflection_for_the_web9.5cpe:2.3:a:attachmate:reflection_for_the_web:9.5:*:*:*:*:*:*:*
attachmatereflection_for_the_web2008cpe:2.3:a:attachmate:reflection_for_the_web:2008:r1:*:*:*:*:*:*

Vendor	Product	Version	CPE
attachmate	reflection_for_the_web	*	cpe:2.3:a:attachmate:reflection_for_the_web::::::::
attachmate	reflection_for_the_web	*	cpe:2.3:a:attachmate:reflection_for_the_web::r2::::::*
attachmate	reflection_for_the_web	8.0	cpe:2.3:a:attachmate:reflection_for_the_web:8.0:::::::*
attachmate	reflection_for_the_web	9.0	cpe:2.3:a:attachmate:reflection_for_the_web:9.0:::::::*
attachmate	reflection_for_the_web	9.01	cpe:2.3:a:attachmate:reflection_for_the_web:9.01:::::::*
attachmate	reflection_for_the_web	9.5	cpe:2.3:a:attachmate:reflection_for_the_web:9.5:::::::*
attachmate	reflection_for_the_web	2008	cpe:2.3:a:attachmate:reflection_for_the_web:2008:r1::::::

References

osvdb.org/68637

secunia.com/advisories/41869

support.attachmate.com/techdocs/1704.html

www.securityfocus.com/bid/44123

exchange.xforce.ibmcloud.com/vulnerabilities/62564

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

65.5%

JSON

Related for NVD:CVE-2010-4146

cvelist1 cve1 prion1