Adobe RoboHelp 9 DOM Cross Site Scripting

2011.08.12

Credit: Roberto Suggi Liverani

Risk: Low

Local: No

Remote: No

CVE: CVE-2011-2133

CWE: CWE-79

CVSS Base Score: 4.3/10

Impact Subscore: 2.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: Partial

Availability impact: None

Details for the CVE - 2011-2133 - Adobe RoboHelp9 DOM Cross Site
Scripting below have been published at the following URLs:
PDF version:
http://www.security-assessment.com/files/documents/advisory/Adobe_RoboHelp_9_-_DOM_XSS.pdf
HTML version:
http://malerisch.net/docs/advisories/adobe_robohelp_dom_cross_site_scripting_xss.html
For reference, original vendor advisory:
http://www.adobe.com/support/security/bulletins/apsb11-23.html
Mirror: http://www.exploit-db.com/download_pdf/17653

References:

http://www.adobe.com/support/security/bulletins/apsb11-23.html

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Adobe RoboHelp 9 DOM Cross Site Scripting

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.