Vulnerability CVE-2004-0673


Published: 2004-08-06   Modified: 2012-02-12

Description:
Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server 3.4.9 allows remote attackers to execute arbitrary web script as other users via an invalid request that is echoed in the resulting error message.

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Simm-comm -> Sci photo chat 

 References:
http://marc.info/?l=bugtraq&m=108880460730833&w=2
http://www.securityfocus.com/bid/10648
http://xforce.iss.net/xforce/xfdb/16602

Copyright 2024, cxsecurity.com

 

Back to Top