3 matches found
CVE-2003-0801
CVE-2003-0801 – Nokia Electronic Documentation (NED) 5.0 suffers a cross-site scripting (XSS) vulnerability. A remote attacker can cause the application to execute arbitrary web script and steal cookies via a crafted URL to the docs/ directory containing the script. Public references indicate an ...
CVE-2003-0802
Summary (CVE-2003-0802): Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root and the NED server’s physical path by sending a "retrieve" action with a location parameter of ".". The connected documents reiterate the same descripti...
CVE-2003-0803
The CVE-2003-0803 entry concerns Nokia Electronic Documentation (NED) 5.0. The vulnerability allows a remote attacker to abuse NED as an open HTTP proxy by supplying a URL in the location parameter, which NED accesses and returns to the user. This describes a proxy abuse/chainable request issue a...