CVE-2005-3425 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424.

Affected Software

Name	Vendor	Start Version	End Version
Gnump3d	Gnu	2.0 (including)	2.0 (including)
Gnump3d	Gnu	2.1 (including)	2.1 (including)
Gnump3d	Gnu	2.2 (including)	2.2 (including)
Gnump3d	Gnu	2.3 (including)	2.3 (including)
Gnump3d	Gnu	2.4 (including)	2.4 (including)
Gnump3d	Gnu	2.5 (including)	2.5 (including)
Gnump3d	Gnu	2.5b (including)	2.5b (including)
Gnump3d	Gnu	2.6 (including)	2.6 (including)
Gnump3d	Gnu	2.7 (including)	2.7 (including)
Gnump3d	Gnu	2.8 (including)	2.8 (including)
Gnump3d	Gnu	2.9 (including)	2.9 (including)
Gnump3d	Gnu	2.9.1 (including)	2.9.1 (including)
Gnump3d	Gnu	2.9.2 (including)	2.9.2 (including)
Gnump3d	Gnu	2.9.3 (including)	2.9.3 (including)
Gnump3d	Gnu	2.9.4 (including)	2.9.4 (including)
Gnump3d	Gnu	2.9.5 (including)	2.9.5 (including)

References

http://secunia.com/advisories/17351
http://secunia.com/advisories/17355
http://secunia.com/advisories/17449
http://secunia.com/advisories/17831
http://securitytracker.com/id?1015118
http://www.debian.org/security/2005/dsa-877
http://www.gnu.org/software/gnump3d/ChangeLog
http://www.novell.com/linux/security/advisories/2005_28_sr.html
http://www.securityfocus.com/bid/15341

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3425
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html