CVE Vulnerabilities

CVE-2002-1315

Published: Nov 29, 2002 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows remote attackers to execute web script or HTML as the iPlanet administrator by injecting the desired script into error logs, and possibly escalating privileges by using the XSS vulnerability in conjunction with another issue (CVE-2002-1316).

Affected Software

Name Vendor Start Version End Version
Iplanet_web_server Iplanet 4.1_sp8 4.1_sp8
Iplanet_web_server Iplanet 4.1 4.1
Iplanet_web_server Iplanet 4.1_sp11 4.1_sp11
Iplanet_web_server Iplanet 4.1_sp4 4.1_sp4
Iplanet_web_server Iplanet 4.1_sp2 4.1_sp2
Iplanet_web_server Iplanet 4.1_sp5 4.1_sp5
Iplanet_web_server Iplanet 4.1_sp1 4.1_sp1
Iplanet_web_server Iplanet 4.1_sp10 4.1_sp10
Iplanet_web_server Iplanet 4.1_sp7 4.1_sp7
Iplanet_web_server Iplanet 4.1_sp9 4.1_sp9
Iplanet_web_server Iplanet 4.1_sp6 4.1_sp6
Iplanet_web_server Iplanet 4.1_sp3 4.1_sp3

References