4 matches found
ESET Remote Administrator远程脚本注入漏洞
BUGTRAQ ID: 33633 CVECAN ID: CVE-2009-0548 ESET Remote Administrator用于远程安装和集中管理网络中的ESET杀毒软件。 ESET Remote Administrator没有正确地验证对Additional Report Settings接口的输入,远程攻击者可以通过提交恶意请求注入任意HTML和脚本代码,并在用户查看报表的时候执行注入的代码。 Eset Remote Administrator 3.0.35 厂商补丁: Eset ---- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2009-0548
Cross-site scripting XSS vulnerability in the Additional Report Settings interface in ESET Remote Administrator before 3.0.105 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...
CVE-2009-0548
CVE-2009-0548 is a remote cross-site scripting vulnerability in the ESET Remote Administrator’s Additional Report Settings interface. The issue affects RSA before a patched version (per sources) and is due to insufficient input validation, enabling arbitrary HTML/JS injection when a user views re...
CVE-2009-0548
Cross-site scripting XSS vulnerability in the Additional Report Settings interface in ESET Remote Administrator before 3.0.105 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...