CVE-2005-3424 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.

Affected Software

Name	Vendor	Start Version	End Version
Gnump3d	Gnu	2.0 (including)	2.0 (including)
Gnump3d	Gnu	2.1 (including)	2.1 (including)
Gnump3d	Gnu	2.2 (including)	2.2 (including)
Gnump3d	Gnu	2.3 (including)	2.3 (including)
Gnump3d	Gnu	2.4 (including)	2.4 (including)
Gnump3d	Gnu	2.5 (including)	2.5 (including)
Gnump3d	Gnu	2.5b (including)	2.5b (including)
Gnump3d	Gnu	2.6 (including)	2.6 (including)
Gnump3d	Gnu	2.7 (including)	2.7 (including)
Gnump3d	Gnu	2.8 (including)	2.8 (including)
Gnump3d	Gnu	2.9 (including)	2.9 (including)
Gnump3d	Gnu	2.9.1 (including)	2.9.1 (including)
Gnump3d	Gnu	2.9.2 (including)	2.9.2 (including)
Gnump3d	Gnu	2.9.3 (including)	2.9.3 (including)
Gnump3d	Gnu	2.9.4 (including)	2.9.4 (including)

References

http://lists.gnu.org/archive/html/gnump3d-users/2005-10/msg00013.html
http://secunia.com/advisories/17351
http://www.debian.org/security/2005/dsa-877
http://www.gnu.org/software/gnump3d/ChangeLog
http://www.novell.com/linux/security/advisories/2005_28_sr.html
http://www.osvdb.org/20359
http://www.securityfocus.com/bid/15226
http://www.vupen.com/english/advisories/2005/2242

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3424
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html