Secunia
Login
|
|
CVE Reference: CVE-2008-2929 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-2929 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject arbitrary web script or HTML via input values that use % (percent) escaping. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/44737 ST 1020772 SAID Secunia Advisory: SA31777 Secunia Advisory: SA31565 Secunia Advisory: SA31612 Secunia Advisory: SA31702 REDHAT OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5877 HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01532861 FEDORA CONFIRM http://www.redhat.com/docs/manuals/dir-server/release-notes/7.1SP7/index.html BID 30870 |
|
| Return to the previous page. |
