Lucene search

[email protected]NVD:CVE-2009-0247

HistoryJan 22, 2009 - 4:30 p.m.

CVE-2009-0247

2009-01-2216:30:00

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

56.9%

JSON

The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side protection mechanisms against cross-site scripting (XSS), which allows remote attackers to conduct XSS attacks by using a modified client to send a crafted IM message, related to the msg variable.

Affected configurations

Nvd

Node

53kfweb_im_2009Match_nil_enterprise

53kfweb_im_2009Match_nil_home

53kfweb_im_2009Match_nil_professional

VendorProductVersionCPE
53kfweb_im_2009_nil_cpe:2.3:a:53kf:web_im_2009:_nil_:enterprise:*:*:*:*:*:*
53kfweb_im_2009_nil_cpe:2.3:a:53kf:web_im_2009:_nil_:home:*:*:*:*:*:*
53kfweb_im_2009_nil_cpe:2.3:a:53kf:web_im_2009:_nil_:professional:*:*:*:*:*:*

Vendor	Product	Version	CPE
53kf	web_im_2009	_nil_	cpe:2.3:a:53kf:web_im_2009:_nil_:enterprise::::::
53kf	web_im_2009	_nil_	cpe:2.3:a:53kf:web_im_2009:_nil_:home::::::
53kf	web_im_2009	_nil_	cpe:2.3:a:53kf:web_im_2009:_nil_:professional::::::

References

www.securityfocus.com/archive/1/500169/100/0/threaded

www.securityfocus.com/bid/33341

exchange.xforce.ibmcloud.com/vulnerabilities/48096

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

56.9%

JSON

Related for NVD:CVE-2009-0247

cve1 prion1 cvelist1