Lucene search

[email protected]NVD:CVE-2007-0696

HistoryFeb 03, 2007 - 10:28 p.m.

CVE-2007-0696

2007-02-0322:28:00

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.6

Confidence

High

EPSS

0.005

Percentile

77.2%

JSON

Cross-site scripting (XSS) vulnerability in error messages in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, different vectors than CVE-2007-0611.

Affected configurations

Nvd

Node

free_lan_intra_internet_portalfree_lan_intra_internet_portalMatch0.9.0.730

free_lan_intra_internet_portalfree_lan_intra_internet_portalMatch0.9.0.1029

free_lan_intra_internet_portalfree_lan_intra_internet_portalMatch1.0_rc1

free_lan_intra_internet_portalfree_lan_intra_internet_portalMatch1.0_rc2

VendorProductVersionCPE
free_lan_intra_internet_portalfree_lan_intra_internet_portal0.9.0.730cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:0.9.0.730:*:*:*:*:*:*:*
free_lan_intra_internet_portalfree_lan_intra_internet_portal0.9.0.1029cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:0.9.0.1029:*:*:*:*:*:*:*
free_lan_intra_internet_portalfree_lan_intra_internet_portal1.0_rc1cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:1.0_rc1:*:*:*:*:*:*:*
free_lan_intra_internet_portalfree_lan_intra_internet_portal1.0_rc2cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:1.0_rc2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
free_lan_intra_internet_portal	free_lan_intra_internet_portal	0.9.0.730	cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:0.9.0.730:::::::*
free_lan_intra_internet_portal	free_lan_intra_internet_portal	0.9.0.1029	cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:0.9.0.1029:::::::*
free_lan_intra_internet_portal	free_lan_intra_internet_portal	1.0_rc1	cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:1.0_rc1:::::::*
free_lan_intra_internet_portal	free_lan_intra_internet_portal	1.0_rc2	cpe:2.3:a:free_lan_intra_internet_portal:free_lan_intra_internet_portal:1.0_rc2:::::::*

References

osvdb.org/33650

sourceforge.net/project/shownotes.php?release_id=481131&group_id=98260

www.vupen.com/english/advisories/2007/0454

exchange.xforce.ibmcloud.com/vulnerabilities/31900

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.6

Confidence

High

EPSS

0.005

Percentile

77.2%

JSON

Related for NVD:CVE-2007-0696

cvelist2 cve2 prion2 nvd1 securityvulns1