1. CVE-Search
  2. CVE-2005-3424
ID CVE-2005-3424
Summary Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:gnump3d:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.5b:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.5b:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.7:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.8:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.9:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:gnump3d:2.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:gnump3d:2.9.4:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 08-03-2011 - 02:26)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 15226
confirm http://www.gnu.org/software/gnump3d/ChangeLog
debian DSA-877
mlist [Gnump3d-users] 20051028 New release - security fixes.
osvdb 20359
secunia 17351
suse SUSE-SR:2005:028
vupen ADV-2005-2242
Last major update 08-03-2011 - 02:26
Published 01-11-2005 - 22:02
Last modified 08-03-2011 - 02:26
Back to Top