漏洞信息详情
Frams’ Fast File EXchange 跨站脚本漏洞
- CNNVD编号:CNNVD-201202-478
- 危害等级: 中危
- CVE编号:
CVE-2012-0869
- 漏洞类型:
跨站脚本
- 发布时间:
2012-02-28
- 威胁类型:
远程
- 更新时间:
2012-09-26
- 厂 商:
ulli_horlacher - 漏洞来源:
-
漏洞简介
Frams\’\’ Fast File EXchange (F*EX,又名fex) 20120215之前版本中的的fup中存在跨站脚本(XSS)漏洞。远程攻击者可利用该漏洞通过id参数注入任意web脚本或HTML。
参考网址
来源: BID
名称: 52085
链接:http://www.securityfocus.com/bid/52085
来源: MLIST
名称: [oss-security] 20120223 Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.
链接:http://www.openwall.com/lists/oss-security/2012/02/23/2
来源: MLIST
名称: [oss-security] 20120220 Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.
链接:http://www.openwall.com/lists/oss-security/2012/02/20/8
来源: MLIST
名称: [oss-security] 20120220 Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.
链接:http://www.openwall.com/lists/oss-security/2012/02/20/1
来源: DEBIAN
名称: DSA-2414
链接:http://www.debian.org/security/2012/dsa-2414
来源: SECUNIA
名称: 47971
链接:http://secunia.com/advisories/47971
来源: OSVDB
名称: 79420
来源: fex.rus.uni-stuttgart.de
链接:http://fex.rus.uni-stuttgart.de/fex.html
来源: BUGTRAQ
名称: 20120220 Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2.
链接:http://archives.neohapsis.com/archives/bugtraq/2012-02/0112.html
来源:SECUNIA
名称:48139