Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2011-1264 | First vendor Publication | 2011-06-16 |
Vendor | Cve | Last vendor Modification | 2020-09-28 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cross-site scripting (XSS) vulnerability in Active Directory Certificate Services Web Enrollment in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Active Directory Certificate Services Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1264 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12749 | |||
Oval ID: | oval:org.mitre.oval:def:12749 | ||
Title: | Active Directory Certificate Services Vulnerability | ||
Description: | Cross-site scripting (XSS) vulnerability in Active Directory Certificate Services Web Enrollment in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Active Directory Certificate Services Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1264 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 1 | |
Os | 5 |
OpenVAS Exploits
Date | Description |
---|---|
2011-06-15 | Name : Active Directory Certificate Services Web Enrollment Elevation of Privilege V... File : nvt/secpod_ms11-051.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
72937 | Microsoft Windows Active Directory Certificate Services Web Enrollment XSS |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-06-16 | IAVM : 2011-B-0068 - Microsoft Active Directory Certificate Services Web Enrollment Privilege Esca... Severity : Category II - VMSKEY : V0028615 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Windows Vector Markup Language imagedata page deconstruction attempt RuleID : 19242 - Revision : 13 - Type : BROWSER-IE |
2014-01-10 | Microsoft Windows Vector Markup Language imagedata page deconstruction attempt RuleID : 19241 - Revision : 13 - Type : BROWSER-IE |
2014-01-10 | Microsoft Certification service XSS attempt RuleID : 19186 - Revision : 11 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-06-15 | Name : The remote Active Directory Certificate Services Web Enrollment server is vul... File : microsoft_certsrv_anon_ms11-051.nasl - Type : ACT_ATTACK |
2011-06-15 | Name : The remote Windows host has an ASP application with a cross-site scripting vu... File : smb_nt_ms11-051.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Source | Url |
---|---|
MS | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11... |
OVAL | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova... |
Alert History
Date | Informations |
---|---|
2024-02-02 01:15:44 |
|
2024-02-01 12:04:26 |
|
2023-09-05 12:14:43 |
|
2023-09-05 01:04:18 |
|
2023-09-02 12:14:46 |
|
2023-09-02 01:04:22 |
|
2023-08-12 12:17:49 |
|
2023-08-12 01:04:23 |
|
2023-08-11 12:14:52 |
|
2023-08-11 01:04:31 |
|
2023-08-06 12:14:17 |
|
2023-08-06 01:04:23 |
|
2023-08-04 12:14:22 |
|
2023-08-04 01:04:25 |
|
2023-07-14 12:14:21 |
|
2023-07-14 01:04:22 |
|
2023-03-29 01:16:16 |
|
2023-03-28 12:04:28 |
|
2022-10-11 12:12:47 |
|
2022-10-11 01:04:08 |
|
2021-05-04 12:14:13 |
|
2021-04-22 01:15:27 |
|
2020-09-28 17:22:43 |
|
2020-05-23 00:28:06 |
|
2019-02-26 17:19:35 |
|
2018-10-13 05:18:31 |
|
2018-09-20 12:08:52 |
|
2017-09-19 09:24:20 |
|
2016-09-30 01:02:54 |
|
2016-08-31 12:02:39 |
|
2016-06-28 18:35:58 |
|
2016-04-26 20:39:20 |
|
2014-02-17 11:01:21 |
|
2014-01-19 21:27:41 |
|
2013-11-11 12:39:17 |
|
2013-05-10 22:57:15 |
|