Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2005-0085

Опубликовано: 27 апр. 2005
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:htdig:htdig:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:htdig:htdig:3.1.5_7:*:*:*:*:*:*:*
cpe:2.3:a:htdig:htdig:3.1.5_8:*:*:*:*:*:*:*
cpe:2.3:a:htdig:htdig:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:htdig:htdig:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:htdig:htdig:3.2.0b2:*:*:*:*:*:*:*
cpe:2.3:a:htdig:htdig:3.2.0b3:*:*:*:*:*:*:*
cpe:2.3:a:htdig:htdig:3.2.0b4:*:*:*:*:*:*:*
cpe:2.3:a:htdig:htdig:3.2.0b5:*:*:*:*:*:*:*
cpe:2.3:a:htdig:htdig:3.2.0b6:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*

EPSS

Процентиль: 89%
0.04725
Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2005-0085

ubuntu
больше 20 лет назад

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

redhat логотип

CVE-2005-0085

redhat
больше 19 лет назад

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

debian логотип

CVE-2005-0085

debian
больше 20 лет назад

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3. ...

github логотип

GHSA-qpr6-prp3-323r

github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

EPSS

Процентиль: 89%
0.04725
Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other