CVE-2011-2133

Executive Summary

Informations
Name	CVE-2011-2133	First vendor Publication	2011-08-11
Vendor	Cve	Last vendor Modification	2011-10-04

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score	4.3	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 8 and 9 before 9.0.1.262, and RoboHelp Server 8 and 9, allows remote attackers to inject arbitrary web script or HTML via the URI, related to template_stock/whutils.js.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2133

CWE : Common Weakness Enumeration

id	Name
CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting')

CPE : Common Platform Enumeration

Type	Description	Count
Application	Adobe Robohelp cpe:/a:adobe:robohelp:9.0.1.232 cpe:/a:adobe:robohelp:9 cpe:/a:adobe:robohelp:8	3
Application	Adobe Robohelp Server cpe:/a:adobe:robohelp_server:9 cpe:/a:adobe:robohelp_server:8	2

Open Source Vulnerability Database (OSVDB)

id	Description
74430	Adobe RoboHelp index.html location.hash DOM Property XSS

Internal Sources (Detail)

Source	Url
CERT	http://www.us-cert.gov/cas/techalerts/TA11-222A.html
CONFIRM	http://www.adobe.com/support/security/bulletins/apsb11-23.html
SREASON	http://securityreason.com/securityalert/8334

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-10 23:01:11	Multiple Updates

Related	Severity
TA11-222A	(Critical)

Same Subject	Severity
Login to view 23 more Alert(s)

Copyright Security-Database 2006-2013 - Powered by themself ;) in 0.0354s

Facebook rss twitter linkedin mail