CVE Vulnerability

CVE-2008-0917

Cross-site scripting (XSS) vulnerability in Tor World Tor Search 1.1 and earlier, I-Navigator 4.0, Mobile Frontier 2.1 and earlier, Diary.cgi (aka Quotes of the Day) 1.5 and earlier, Tor News 1.21 and earlier, Simple BBS 1.3 and earlier, Interactive BBS 1.3 and earlier, Tor Board 1.1 and earlier, Simple Vote 1.1 and earlier, and Com Vote 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
http://jvn.jp/jp/JVN%2354593414/index.html
http://download.torworld.com/bug/20080221.html
http://www.securityfocus.com/bid/27919
http://secunia.com/advisories/29039 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:tor_world:i-navigator:4.0:*:*:*:*:*:*:*
cpe:2.3:a:tor_world:tor_search:1.1:*:*:*:*:*:*:*
cpe:2.3:a:tor_world:quotes_of_the_day:1.5:*:*:*:*:*:*:*
cpe:2.3:a:tor_world:simple_bbs:1.3:*:*:*:*:*:*:*
cpe:2.3:a:tor_world:com_vote:1.2:*:*:*:*:*:*:*
cpe:2.3:a:tor_world:simple_vote:1.1:*:*:*:*:*:*:*
cpe:2.3:a:tor_world:tor_news:1.21:*:*:*:*:*:*:*
cpe:2.3:a:tor_world:interactive_bbs:1.3:*:*:*:*:*:*:*
cpe:2.3:a:tor_world:mobile_frontier:2.1:*:*:*:*:*:*:*
cpe:2.3:a:tor_world:tor_board:1.1:*:*:*:*:*:*:*
Information

Published : 2008-02-22 11:44

Updated : 2008-09-05 09:36

NVD link : CVE-2008-0917

Mitre link : CVE-2008-0917

Products Affected
No products.
CWE
CWE-79