4.3

CVE-2002-1060

Exploit
Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a nonexistent hostname that includes the HTML, which is inserted into the resulting error page.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
BluecoatCacheos Version3.1.17
BluecoatCacheos Version3.1.18
BluecoatCacheos Version3.1.19
BluecoatCacheos Version3.1.21
BluecoatCacheos Version4.0
BluecoatCacheos Version4.0.11
BluecoatCacheos Version4.0.12
BluecoatCacheos Version4.0.13
BluecoatCacheos Version4.0.14
BluecoatCacheos Version4.1.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.87% 0.909
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.neohapsis.com/archives/bugtraq/2002-07/0283.html
http://download.cacheflow.com/release/CA/4.1.00-docs/CACacheOS41fixes.htm
http://www.iss.net/security_center/static/9674.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5305
Patch
Vendor Advisory
Exploit
http://www.securityfocus.com/bid/5608