CVE-2004-1442 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2004-1442
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-1442

Description: Cross-site scripting (XSS) vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error emssages such as "DTWP001E."

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/14925 VULNWATCH http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0019.html ST 1008845 SAID Secunia Advisory: SA10709 OSVDB 3712 MISC http://secunia.com/secunia_research/2004-1/advisory/ CONFIRM http://www.kb.cert.org/vuls/id/DMOA-5VNPEL CERT-VN 197318 BID 9488

Return to the previous page.