CVEブラウザに戻る

CVE-2005-0549

MEDIUM

4.3

CVSS Severity Score

EPSS Score0.1820%

EPSS Percentile23.78th

Published2005年5月2日

Last Modified2026年4月16日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the "View Log Files" function.

Affected Platforms (CPE)

📦

Sun

Solaris Answerbook2

<= 1.4.4

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=111205163531628&w=2

🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57737-1

🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000230.1-1

🔗 http://marc.info/?l=bugtraq&m=111205163531628&w=2

🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57737-1

🔗 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000230.1-1

関連する脆弱性情報

CVE-2000-069710.0

The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands...

CVE-2000-06967.5

The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supp...

CVE-2005-05484.3

Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject ...

CVE-2005-129910.0

The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.