Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.804507
Kategorie:General
Titel:SeaMonkey Multiple XSS Vulnerabilities Feb14 (Windows)
Zusammenfassung:This host is installed with SeaMonkey and is prone to multiple cross site;scripting vulnerabilities.
Beschreibung:Summary:
This host is installed with SeaMonkey and is prone to multiple cross site
scripting vulnerabilities.

Vulnerability Insight:
Flaw is due to the program does not validate input related to data URLs in
IFRAME elements or EMBED or OBJECT element before returning it to users.

Vulnerability Impact:
Successful exploitation will allow attackers to execute arbitrary script code
in a user's browser session within the trust relationship between their
browser and the server.

Affected Software/OS:
SeaMonkey version before 2.20 on Windows

Solution:
Upgrade to SeaMonkey version 2.20 or later.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Querverweis: BugTraq ID: 65158
BugTraq ID: 65620
Common Vulnerability Exposure (CVE) ID: CVE-2013-6674
CERT/CC vulnerability note: VU#863369
http://www.kb.cert.org/vuls/id/863369
http://seclists.org/fulldisclosure/2014/Jan/182
http://packetstormsecurity.com/files/124965/Mozilla-Thunderbird-Filter-Bypass.html
http://osvdb.org/102566
http://www.securitytracker.com/id/1029773
http://www.securitytracker.com/id/1029774
http://www.ubuntu.com/usn/USN-2119-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-2018
http://www.vulnerability-lab.com/get_content.php?id=953
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.