PT-2005-3726 · N Stealth · N-Stealth Free Edition+1

Mariano Nuñez Di Croce

·

Publicado

2005-09-08

·

Atualizado

2008-09-05

·

CVE-2005-2861

CVSS v2.0

4.3

Média

VetorAV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions N-Stealth Commercial Edition versions prior to 5.8.0.38 N-Stealth Free Edition versions prior to 5.8.1.03
Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header. This injected content is directly inserted into an HTML report, potentially leading to the execution of malicious scripts.
Recommendations For N-Stealth Commercial Edition versions prior to 5.8.0.38, update to version 5.8.0.38 or later. For N-Stealth Free Edition versions prior to 5.8.1.03, update to version 5.8.1.03 or later.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-2861

Produtos afetados

N-Stealth Commercial Edition
N-Stealth Free Edition