Lucene search

PRIOn knowledge basePRION:CVE-2011-1976

HistoryAug 10, 2011 - 9:55 p.m.

Cross site scripting

2011-08-1021:55:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.917 High

EPSS

Percentile

98.8%

JSON

Cross-site scripting (XSS) vulnerability in the Report Viewer Control in Microsoft Visual Studio 2005 SP1 and Report Viewer 2005 SP1 allows remote attackers to inject arbitrary web script or HTML via a parameter in a data source, aka “Report Viewer Controls XSS Vulnerability.”

CPENameOperatorVersion
report_viewereq2005 sp1
report_viewereq2005 sp1redistributablepackage
visual_studioeq2005 sp1

Name	Operator	Version
report_viewer	eq	2005 sp1
report_viewer	eq	2005 sp1redistributablepackage
visual_studio	eq	2005 sp1

References

www.securityfocus.com/bid/49033

www.us-cert.gov/cas/techalerts/TA11-221A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-067

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04945270

marc.info/?l=bugtraq&m=145326307707460&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12773

5.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.917 High

EPSS

Percentile

98.8%

JSON

Related for PRION:CVE-2011-1976