ID de Prueba:	1.3.6.1.4.1.25623.1.0.900327
Categoría:	Windows
Título:	BitDefender Internet Security 2009 XSS Vulnerability
Resumen:	BitDefender Internet Security is prone to a cross-site scripting (XSS) vulnerability.
Descripción:	Summary: BitDefender Internet Security is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: BitDefender Internet Security product fails to properly sanitise the input passed through the filename (.rar or .zip archives) of an infected executable before being used to output infection details. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary script codes in a local context by including a malicious HTML file placed on the local system. Affected Software/OS: BitDefender Internet Security version 2009 build 12.0.11.4 and prior. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0850 BugTraq ID: 33921 http://www.securityfocus.com/bid/33921 Bugtraq: 20090226 BitDefender Internet Security XSS (Google Search) http://www.securityfocus.com/archive/1/501277/100/0/threaded Bugtraq: 20090227 Re: BitDefender Internet Security XSS (Google Search) http://www.securityfocus.com/archive/1/501299/100/0/threaded http://secunia.com/advisories/34082 http://www.vupen.com/english/advisories/2009/0557
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.