Lucene search

Ubuntu.comUB:CVE-2010-3693

HistoryApr 04, 2011 - 12:00 a.m.

CVE-2010-3693

2011-04-0400:00:00

ubuntu.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

76.4%

JSON

Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) before
1.1.5, and Horde Groupware Webmail Edition before 1.2.7, allows remote
attackers to inject arbitrary web script or HTML via vectors related to
displaying mailbox names.

Bugs

<http://bugs.horde.org/ticket/9240>

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchdimp1< 1.1.4+debian2-1.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	12.04	noarch	dimp1	< 1.1.4+debian2-1.1	UNKNOWN

References

openwall.com/lists/oss-security/2010/09/30/7

launchpad.net/bugs/cve/CVE-2010-3693

nvd.nist.gov/vuln/detail/CVE-2010-3693

security-tracker.debian.org/tracker/CVE-2010-3693

www.cve.org/CVERecord?id=CVE-2010-3693

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

76.4%

JSON

Related for UB:CVE-2010-3693