4.3

CVE-2007-3613

Exploit
Cross-site scripting (XSS) vulnerability in ADM:GETLOGFILE in SAP Internet Graphics Service (IGS) allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SAPInternet Graphics Server Version6.40
SAPInternet Graphics Server Version6.40_patch_11
SAPInternet Graphics Server Version6.40_patch_12
SAPInternet Graphics Server Version6.40_patch_13
SAPInternet Graphics Server Version6.40_patch_14
SAPInternet Graphics Server Version6.40_patch_15
SAPInternet Graphics Server Version7.00_patch_1
SAPInternet Graphics Server Version7.00_patch_2
SAPInternet Graphics Server Version7.00_patch_3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.39% 0.818
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/archive/1/472889/100/0/threaded
http://osvdb.org/36480
http://secunia.com/advisories/25950
Vendor Advisory
http://securityreason.com/securityalert/2865
http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-sap-internet-graphics-server/
http://www.securityfocus.com/bid/24775
Exploit
http://www.securitytracker.com/id?1018339
http://www.vupen.com/english/advisories/2007/2452
https://exchange.xforce.ibmcloud.com/vulnerabilities/35280