|
|
CVE Reference: CVE-2004-1442 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-1442 |
|
|
Description: Cross-site scripting (XSS) vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error emssages such as "DTWP001E." |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/14925 VULNWATCH http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0019.html ST 1008845 SAID Secunia Advisory: SA10709 OSVDB 3712 MISC http://secunia.com/secunia_research/2004-1/advisory/ CONFIRM http://www.kb.cert.org/vuls/id/DMOA-5VNPEL CERT-VN 197318 BID 9488 |
|
| Return to the previous page. |
