CVE

Id
32011  
CVE No.
CVE-2008-1894  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in desktoplaunch/InfoView/logon/logon.object in BusinessObjects InfoView XI R2 SP1, SP2, and SP3 Java version before FixPack 3.5 allows remote attackers to inject arbitrary web script or HTML via the cms parameter.  
Phase
Assigned (20080418)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
345311 32011 CVE-2008-1894 BUGTRAQ:20080413 DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2  View
345312 32011 CVE-2008-1894 URL:http://marc.info/?l=bugtraq&m=120818789018302&w=2  View
345313 32011 CVE-2008-1894 FULLDISC:20080413 DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2  View
345314 32011 CVE-2008-1894 URL:http://lists.grok.org.uk/pipermail/full-disclosure/2008-April/061428.html  View
345315 32011 CVE-2008-1894 CONFIRM:http://resources.businessobjects.com/support/communitycs/FilesAndUpdates/boxir2_en_FixPack3.5_readme.pdf?recDnlReq=Record&dnlPath=boxir2_en_FixPack3.5_readme.pdf  View
345316 32011 CVE-2008-1894 BID:28762  View
345317 32011 CVE-2008-1894 URL:http://www.securityfocus.com/bid/28762  View
345318 32011 CVE-2008-1894 OSVDB:51450  View
345319 32011 CVE-2008-1894 URL:http://osvdb.org/51450  View
345320 32011 CVE-2008-1894 SECUNIA:29804  View
345321 32011 CVE-2008-1894 URL:http://secunia.com/advisories/29804  View
345322 32011 CVE-2008-1894 XF:businessobjects-cms-xss(41875)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
49051 JVNDB-2008-004361 Microsoft Works 7 などに実装される WkImgSrv.dll におけるサービス運用妨害 (DoS) の脆弱性 Microsoft Works 7、Microsoft Office 2003 および 2007 に実装される WkImgSrv.dll の特定の ActiveX コントロールには、任意のコードを実行される、およびサービス運用妨害 (ブラウザクラッシュ) 状態となる脆弱性が存在します。 CVE-2008-1898 32011 9.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-004361.html  View