Lucene search

PRIOn knowledge basePRION:CVE-2012-1293

HistorySep 25, 2012 - 11:55 p.m.

Cross site scripting

2012-09-2523:55:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams’ Fast File EXchange (F*EX, aka fex) before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the (1) to or (2) from parameters.

CPENameOperatorVersion
fexeq20110830
fexeq20110621
fexeq20110610
fexeq20111115
fexeq20110622
fexeq20110616
fexeq20110807
fexeq20110811
fexeq20110907
fexeq20110727

Name	Operator	Version
fex	eq	20110830
fex	eq	20110621
fex	eq	20110610
fex	eq	20111115
fex	eq	20110622
fex	eq	20110616
fex	eq	20110807
fex	eq	20110811
fex	eq	20110907
fex	eq	20110727

Rows per page:

1-10 of 431

References

archives.neohapsis.com/archives/bugtraq/2012-02/0109.html

archives.neohapsis.com/archives/bugtraq/2012-02/0112.html

fex.rus.uni-stuttgart.de/fex.html

osvdb.org/79420

secunia.com/advisories/47971

www.debian.org/security/2012/dsa-2414

www.openwall.com/lists/oss-security/2012/02/20/1

www.openwall.com/lists/oss-security/2012/02/20/8

www.openwall.com/lists/oss-security/2012/02/23/2

www.securityfocus.com/bid/52085

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.0%

JSON

Related for PRION:CVE-2012-1293