Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.703249 |
Kategorie: | Debian Local Security Checks |
Titel: | Debian Security Advisory DSA 3249-1 (jqueryui - security update) |
Zusammenfassung: | Shadowman131 discovered that;jqueryui, a JavaScript UI library for dynamic web applications, failed to;properly sanitize its title option. This would allow a remote attacker to;inject arbitrary code through cross-site scripting. |
Beschreibung: | Summary: Shadowman131 discovered that jqueryui, a JavaScript UI library for dynamic web applications, failed to properly sanitize its title option. This would allow a remote attacker to inject arbitrary code through cross-site scripting. Affected Software/OS: jqueryui on Debian Linux Solution: For the oldstable distribution (wheezy), this problem has been fixed in version 1.8.ooops.21+dfsg-2+deb7u1. For the stable distribution (jessie), testing distribution (stretch) and unstable distribution (sid), this problem has been fixed in version 1.10.1+dfsg-1. We recommend that you upgrade your jqueryui packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-5312 BugTraq ID: 71106 http://www.securityfocus.com/bid/71106 Debian Security Information: DSA-3249 (Google Search) http://www.debian.org/security/2015/dsa-3249 https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E http://seclists.org/oss-sec/2014/q4/616 http://seclists.org/oss-sec/2014/q4/613 RedHat Security Advisories: RHSA-2015:0442 http://rhn.redhat.com/errata/RHSA-2015-0442.html RedHat Security Advisories: RHSA-2015:1462 http://rhn.redhat.com/errata/RHSA-2015-1462.html http://www.securitytracker.com/id/1037035 XForce ISS Database: jqueryui-cve20105312-xss(98696) https://exchange.xforce.ibmcloud.com/vulnerabilities/98696 |
Copyright | Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |