CVE-2003-0615

Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.
References
Link Resource
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000713
http://marc.info/?l=bugtraq&m=105880349328877&w=2
http://marc.info/?l=bugtraq&m=106018783704468&w=2
http://marc.info/?l=full-disclosure&m=105875211018698&w=2
http://secunia.com/advisories/13638
http://securitytracker.com/id?1007234
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1
http://www.ciac.org/ciac/bulletins/n-155.shtml
http://www.debian.org/security/2003/dsa-371
http://www.kb.cert.org/vuls/id/246409 US Government Resource
http://www.redhat.com/support/errata/RHSA-2003-256.html
http://www.securityfocus.com/bid/8231 Patch Vendor Advisory
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:084
https://exchange.xforce.ibmcloud.com/vulnerabilities/12669
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A307
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A470
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000713
http://marc.info/?l=bugtraq&m=105880349328877&w=2
http://marc.info/?l=bugtraq&m=106018783704468&w=2
http://marc.info/?l=full-disclosure&m=105875211018698&w=2
http://secunia.com/advisories/13638
http://securitytracker.com/id?1007234
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1
http://www.ciac.org/ciac/bulletins/n-155.shtml
http://www.debian.org/security/2003/dsa-371
http://www.kb.cert.org/vuls/id/246409 US Government Resource
http://www.redhat.com/support/errata/RHSA-2003-256.html
http://www.securityfocus.com/bid/8231 Patch Vendor Advisory
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:084
https://exchange.xforce.ibmcloud.com/vulnerabilities/12669
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A307
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A470
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cgi.pm:cgi.pm:2.73:*:*:*:*:*:*:*
cpe:2.3:a:cgi.pm:cgi.pm:2.74:*:*:*:*:*:*:*
cpe:2.3:a:cgi.pm:cgi.pm:2.75:*:*:*:*:*:*:*
cpe:2.3:a:cgi.pm:cgi.pm:2.76:*:*:*:*:*:*:*
cpe:2.3:a:cgi.pm:cgi.pm:2.78:*:*:*:*:*:*:*
cpe:2.3:a:cgi.pm:cgi.pm:2.79:*:*:*:*:*:*:*
cpe:2.3:a:cgi.pm:cgi.pm:2.93:*:*:*:*:*:*:*
cpe:2.3:a:cgi.pm:cgi.pm:2.751:*:*:*:*:*:*:*
cpe:2.3:a:cgi.pm:cgi.pm:2.753:*:*:*:*:*:*:*
cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*
cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*
cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*

History

20 Nov 2024, 23:45

Type Values Removed Values Added
References () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000713 - () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000713 -
References () http://marc.info/?l=bugtraq&m=105880349328877&w=2 - () http://marc.info/?l=bugtraq&m=105880349328877&w=2 -
References () http://marc.info/?l=bugtraq&m=106018783704468&w=2 - () http://marc.info/?l=bugtraq&m=106018783704468&w=2 -
References () http://marc.info/?l=full-disclosure&m=105875211018698&w=2 - () http://marc.info/?l=full-disclosure&m=105875211018698&w=2 -
References () http://secunia.com/advisories/13638 - () http://secunia.com/advisories/13638 -
References () http://securitytracker.com/id?1007234 - () http://securitytracker.com/id?1007234 -
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1 - () http://sunsolve.sun.com/search/document.do?assetkey=1-26-101426-1 -
References () http://www.ciac.org/ciac/bulletins/n-155.shtml - () http://www.ciac.org/ciac/bulletins/n-155.shtml -
References () http://www.debian.org/security/2003/dsa-371 - () http://www.debian.org/security/2003/dsa-371 -
References () http://www.kb.cert.org/vuls/id/246409 - US Government Resource () http://www.kb.cert.org/vuls/id/246409 - US Government Resource
References () http://www.redhat.com/support/errata/RHSA-2003-256.html - () http://www.redhat.com/support/errata/RHSA-2003-256.html -
References () http://www.securityfocus.com/bid/8231 - Patch, Vendor Advisory () http://www.securityfocus.com/bid/8231 - Patch, Vendor Advisory
References () http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:084 - () http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:084 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/12669 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/12669 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A307 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A307 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A470 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A470 -

Information

Published : 2003-08-27 04:00

Updated : 2024-11-20 23:45


NVD link : CVE-2003-0615

Mitre link : CVE-2003-0615

CVE.ORG link : CVE-2003-0615


JSON object : View

Products Affected

debian

  • debian_linux

openpkg

  • openpkg

cgi.pm

  • cgi.pm