Search...

CA Unicenter Asset Management Reporter Multiple Field XSS

2005-02-14T07:51:35

ID OSVDB:14311
Type osvdb
Reporter OSVDB
Modified 2005-02-14T07:51:35

Description

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Computer Associates has released a patch (QO64323) to address this vulnerability.

References:

Vendor URL: http://www3.ca.com/Solutions/Product.asp?ID=194 Vendor Specific Advisory URL Security Tracker: 1013360 Secunia Advisory ID:14454 Related OSVDB ID: 14310 Related OSVDB ID: 14312 CVE-2005-0641

JSON Vulners Source

Initial Source

{"type": "osvdb", "published": "2005-02-14T07:51:35", "href": "https://vulners.com/osvdb/OSVDB:14311", "bulletinFamily": "software", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 4.3}, "viewCount": 1, "edition": 1, "reporter": "OSVDB", "title": "CA Unicenter Asset Management Reporter Multiple Field XSS", "affectedSoftware": [], "enchantments": {"score": {"value": 5.7, "vector": "NONE", "modified": "2017-04-28T13:20:10", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-0641"]}], "modified": "2017-04-28T13:20:10", "rev": 2}, "vulnersScore": 5.7}, "references": [], "id": "OSVDB:14311", "lastseen": "2017-04-28T13:20:10", "cvelist": ["CVE-2005-0641"], "modified": "2005-02-14T07:51:35", "description": "## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, Computer Associates has released a patch (QO64323) to address this vulnerability.\n## References:\nVendor URL: http://www3.ca.com/Solutions/Product.asp?ID=194\n[Vendor Specific Advisory URL](http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=Qo64323)\nSecurity Tracker: 1013360\n[Secunia Advisory ID:14454](https://secuniaresearch.flexerasoftware.com/advisories/14454/)\n[Related OSVDB ID: 14310](https://vulners.com/osvdb/OSVDB:14310)\n[Related OSVDB ID: 14312](https://vulners.com/osvdb/OSVDB:14312)\n[CVE-2005-0641](https://vulners.com/cve/CVE-2005-0641)\n"}

{"cve": [{"lastseen": "2020-10-03T11:34:53", "description": "Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to inject arbitrary HTML or web script via the (1) name or (2) description in a report template.", "edition": 3, "cvss3": {}, "published": "2005-03-02T05:00:00", "title": "CVE-2005-0641", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0641"], "modified": "2008-09-05T20:46:00", "cpe": ["cpe:/a:ca:unicenter_asset_management:4.0"], "id": "CVE-2005-0641", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0641", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:ca:unicenter_asset_management:4.0:*:*:*:*:*:*:*"]}]}