CVE Vulnerability

CVE-2008-4485

Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL.

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
http://marc.info/?l=bugtraq&m=122210321731789&w=2
http://www.securitytracker.com/id?1020979
http://marc.info/?l=bugtraq&m=122298544725313&w=2
http://secunia.com/advisories/32122 Vendor Advisory
http://www.bluecoat.com/support/securityadvisories/icap_patience Vendor Advisory
http://www.securityfocus.com/bid/31543
http://securityreason.com/securityalert/4367
http://www.vupen.com/english/advisories/2008/2739
https://exchange.xforce.ibmcloud.com/vulnerabilities/45625
Configurations

Configuration 1

cpe:2.3:o:bluecoat:security_gateway_os:5.2:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:security_gateway_os:4.2:*:*:*:*:*:*:*
cpe:2.3:o:bluecoat:security_gateway_os:5.3:*:*:*:*:*:*:*
Information

Published : 2008-10-08 02:00

Updated : 2017-08-08 01:32

NVD link : CVE-2008-4485

Mitre link : CVE-2008-4485

Products Affected
No products.
CWE
CWE-79