4.3
CVE-2007-2592
- EPSS 2.66%
- Veröffentlicht 11.05.2007 04:20:00
- Zuletzt bearbeitet 16.06.2026 22:39:54
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple cross-site scripting (XSS) vulnerabilities in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to de/pda/dev_logon.asp and (2) multiple unspecified vectors in (a) usrmgr/registerAccount.asp, (b) de/create_account.asp, and other files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Nokia ≫ Intellisync Mobile Suite Version6.4.31.2
Nokia ≫ Intellisync Mobile Suite Version6.6.0.107
Nokia ≫ Intellisync Mobile Suite Version6.6.2.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.66% | 0.837 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://secunia.com/advisories/25212
http://www.sec-consult.com/289.html
http://www.securityfocus.com/archive/1/468048/100/0/threaded
http://www.vupen.com/english/advisories/2007/1727
http://securityreason.com/securityalert/2689
http://osvdb.org/34515
http://osvdb.org/34516
http://osvdb.org/34517
http://secunia.com/advisories/26199
http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005120.html
http://www.securityfocus.com/bid/23889
http://www.securitytracker.com/id?1018454
http://www.vupen.com/english/advisories/2007/2657
https://exchange.xforce.ibmcloud.com/vulnerabilities/34187