Vulnerability CVE-1999-1167


Published: 1999-12-31   Modified: 2012-02-12

Description:
Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.4/10
4.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None
Affected software
Third voice -> Third voice web 

 References:
http://www.wired.com/news/technology/0,1282,20677,00.html
http://www.wired.com/news/technology/0,1282,20636,00.html
http://www.iss.net/security_center/static/7252.php

Copyright 2024, cxsecurity.com

 

Back to Top