Executive Summary

Informations
Name CVE-2004-1318 First vendor Publication 2005-01-06
Vendor Cve Last vendor Modification 2024-11-20

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1318

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3

OpenVAS Exploits

Date Description
2008-01-17 Name : Debian Security Advisory DSA 627-1 (namazu2)
File : nvt/deb_627_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
12516 Namazu namazu.cgi Tab Character XSS

Namazu contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate queries beginning from a tab ("%09") upon submission to the 'namazu.cgi' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Nessus® Vulnerability Scanner

Date Description
2005-01-06 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-627.nasl - Type : ACT_GATHER_INFO
2004-12-23 Name : The remote service is affected by multiple vulnerabilities.
File : namazu_multiple_vulns.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://jvn.jp/jp/JVN%23904429FE.html
http://secunia.com/advisories/13600
http://securitytracker.com/alerts/2005/Jan/1012802.html
http://securitytracker.com/alerts/2005/Jan/1012805.html
http://www.debian.org/security/2005/dsa-627
http://www.linuxsecurity.com/content/view/117604/102/
http://www.namazu.org/security.html.en#xss-tab
http://www.novell.com/linux/security/advisories/2005_01_sr.html
http://www.osvdb.org/12516
http://www.securityfocus.com/advisories/9028
http://www.securityfocus.com/bid/12053
https://exchange.xforce.ibmcloud.com/vulnerabilities/18623
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
Date Informations
2024-11-28 23:22:36
  • Multiple Updates
2024-11-28 12:06:19
  • Multiple Updates
2021-05-04 12:02:29
  • Multiple Updates
2021-04-22 01:02:40
  • Multiple Updates
2020-05-23 00:15:59
  • Multiple Updates
2017-07-11 12:01:35
  • Multiple Updates
2016-06-28 15:06:47
  • Multiple Updates
2016-04-26 12:57:59
  • Multiple Updates
2014-02-17 10:28:41
  • Multiple Updates
2013-05-11 11:44:44
  • Multiple Updates