Lucene search
MitreCVELIST:CVE-2005-3310HistoryOct 25, 2005 - 4:00 a.m.
CVE-2005-3310
2005-10-2504:00:00
mitre
www.cve.org
1
Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows remote authenticated users to inject arbitrary web script or HTML via an HTML file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer, which renders malformed image types as HTML, enabling cross-site scripting (XSS) attacks. NOTE: it could be argued that this vulnerability is due to a design flaw in Internet Explorer (CVE-2005-3312) and the proper fix should be in that browser; if so, then this should not be treated as a vulnerability in phpBB.
Related
ubuntucve
ubuntucve
CVE-2005-3310
2005-10-26 00:00:00
CVE-2005-3975
2005-12-03 00:00:00
nvd
nvd
cve
cve
cvelist
cvelist
nessus
nessus
Debian DSA-958-1 : drupal - several vulnerabilities
2006-10-14 00:00:00
FreeBSD : phpbb -- multiple vulnerabilities (28c9243a-72ed-11da-8c1d-000e0c2e438a)
2006-05-13 00:00:00
Debian DSA-925-1 : phpbb2 - several vulnerabilities
2006-10-14 00:00:00
openvas
openvas
Debian Security Advisory DSA 925-1 (phpbb2)
2008-01-17 00:00:00
FreeBSD Ports: phpbb, zh-phpbb-tw
2008-09-04 00:00:00
Debian: Security Advisory (DSA-925-1)
2008-01-17 00:00:00
freebsd
freebsd
phpbb -- multiple vulnerabilities
2005-10-24 00:00:00
debian
debian
[SECURITY] [DSA 925-1] New phpbb2 packages fix several vulnerabilities
2005-12-22 08:19:09
[SECURITY] [DSA 925-1] New phpbb2 packages fix several vulnerabilities
2005-12-22 08:19:09
osv
osv
phpbb2 - several
2005-12-22 00:00:00