CyberSec.Space Logo
返回 CVE 浏览器

CVE-2004-0337

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile39.19th
Published2004年11月23日
Last Modified2026年4月16日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro allows remote attackers to execute arbitrary script or HTML as other users via a URL to index.html, followed by a / (slash) and the desired script. NOTE: the vendor states that this bug could not be reproduced, so this issue may be REJECTed in the future.

Affected Platforms (CPE)

📦
Software602

602pro Lan Suite

= 2002
📦
Software602

602pro Lan Suite

= 2003

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2004-03/0096.html
🔗 http://marc.info/?l=bugtraq&m=107799540630302&w=2
🔗 http://www.securityfocus.com/bid/9777
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/15351
🔗 http://archives.neohapsis.com/archives/bugtraq/2004-03/0096.html
🔗 http://marc.info/?l=bugtraq&m=107799540630302&w=2
🔗 http://www.securityfocus.com/bid/9777
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/15351

相关漏洞威胁

CVE-2000-11157.5

Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attacker...

CVE-2001-04477.5

Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service, and possibly execute arbitrary ...

CVE-2007-32037.5

Stack-based buffer overflow in smtpdll.dll in the SMTP service in 602Pro LAN SUITE 2003 2003.0.03.0828 allows remote attackers to ...

CVE-2002-19285.0

602Pro LAN SUITE 2002 allows remote attackers to view the directory tree via an HTTP GET request with a trailing "~" (tilde) or "....