Test Kennung:	1.3.6.1.4.1.25623.1.0.901015
Kategorie:	General
Titel:	IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability - Linux
Zusammenfassung:	IBM Lotus Notes is prone to a HTML Injection vulnerability.
Beschreibung:	Summary: IBM Lotus Notes is prone to a HTML Injection vulnerability. Vulnerability Insight: The flaw is due to error in the RSS reader widget, caused when items are saved from an RSS feed as local HTML documents. This can be exploited via a crafted feed. Vulnerability Impact: Successful exploitation will allow attackers to inject HTML based code. Affected Software/OS: IBM Lotus Notes Version 8.5 on Linux. Solution: Vendor has released a patch to fix the issue. Please see the references for patch details. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3114 BugTraq ID: 36305 http://www.securityfocus.com/bid/36305 Bugtraq: 20090908 [scip_Advisory 4021] IBM Lotus Notes 8.5 RSS Widget Privilege Escalation (Google Search) http://www.securityfocus.com/archive/1/506296/100/0/threaded http://www.scip.ch/?vuldb.4021 http://secunia.com/advisories/36813
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.