Lucene search

K

Ubuntu.comUB:CVE-2008-3650

HistoryAug 13, 2008 - 12:00 a.m.

CVE-2008-3650

2008-08-1300:00:00

ubuntu.com

ubuntu.com

10

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

EPSS

0.004

Percentile

73.9%

Multiple unspecified vulnerabilities in Horde Groupware Webmail before
Edition 1.1.1 (final) have unknown impact and attack vectors related to
“unescaped output,” possibly cross-site scripting (XSS), in the (1) object
browser and (2) contact view.

Notes

Author	Note
mdeslaur	this is a dupe of CVE-2008-3330, ignoring turba2 code introduced in 2.2.0

References

launchpad.net/bugs/cve/CVE-2008-3650

nvd.nist.gov/vuln/detail/CVE-2008-3650

security-tracker.debian.org/tracker/CVE-2008-3650

www.cve.org/CVERecord?id=CVE-2008-3650

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

EPSS

0.004

Percentile

73.9%

Related for UB:CVE-2008-3650

cvelist2 ubuntucve1 prion2 openvas4 cve2 nvd2 osv1 securityvulns1 nessus3 debian2