Snitz Forums 2000图像标签跨站脚本漏洞

漏洞信息详情

Snitz Forums 2000图像标签跨站脚本漏洞

• CNNVD编号：CNNVD-200206-053
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2002-0329
  
• 漏洞类型：
  
  
  跨站脚本
  
• 发布时间：
  
  2002-06-25
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-08-24
  
• 厂        商：
  
  snitz_communications
• 漏洞来源：
  .’);”>This issue was rep…

Snitz Forums 2000 3.3.03及其之前版本存在跨站脚本漏洞。远程攻击者借助IMG标签中的Javascript像其他Forums 2000用户一样执行任意脚本。

The vendor has released a patch which may only be applied to v3.3.03. Users of older versions are advised to upgrade to v3.3.03 and then apply the patch.
Snitz Forums 2000 Snitz Forums 2000 3.3 .03

• Snitz Forums 2000 sf2k_v33_033.zip
  
  http://forum.snitz.com/download.asp

来源:US-CERT Vulnerability Note: VU#132011
名称: VU#132011
链接:http://www.kb.cert.org/vuls/id/132011

来源: XF
名称: snitz-img-css(8309)
链接:http://www.iss.net/security_center/static/8309.php

来源: BUGTRAQ
名称: 20020227 RE: Open Bulletin Board javascript bug.
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=101485184605149&w=2

来源: forum.snitz.com
链接:http://forum.snitz.com/forum/link.asp?TOPIC_ID=23660

来源: BID
名称: 4192
链接:http://www.securityfocus.com/bid/4192

来源: BUGTRAQ
名称: 20020227 Snitz 2000 Code Patch (was RE: Open Bulletin Board javascript bug.)
链接:http://online.securityfocus.com/archive/1/258981