Lucene search
RootSSV:4823HistoryFeb 25, 2009 - 12:00 a.m.
ESET Remote Administrator远程脚本注入漏洞
2009-02-2500:00:00
Root
www.seebug.org
12
0.002 Low
EPSS
Percentile
60.4%
BUGTRAQ ID: 33633
CVE(CAN) ID: CVE-2009-0548
ESET Remote Administrator用于远程安装和集中管理网络中的ESET杀毒软件。
ESET Remote Administrator没有正确地验证对Additional Report Settings接口的输入,远程攻击者可以通过提交恶意请求注入任意HTML和脚本代码,并在用户查看报表的时候执行注入的代码。
Eset Remote Administrator 3.0.35
厂商补丁:
Eset
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://www.eset.eu/support/changelog-eset-remote-administrator-3” target=“_blank”>http://www.eset.eu/support/changelog-eset-remote-administrator-3</a>
Related
cve
cve
CVE-2009-0548
2009-02-12 23:30:01
nvd
nvd
CVE-2009-0548
2009-02-12 23:30:01
openvas
openvas
ESET Remote Administrator XSS Vulnerability
2009-02-26 00:00:00
ESET Remote Administrator XSS Vulnerability
2009-02-26 00:00:00
cvelist
cvelist
CVE-2009-0548
2009-02-12 23:00:00
prion
prion
Cross site scripting
2009-02-12 23:30:00