CVE-2009-1428

{"id": "CVE-2009-1428", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2009-04-29T15:30:00.203", "references": [{"url": "http://osvdb.org/54132", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/34936", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/34669", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1022133", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1022134", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1022135", "source": "cve@mitre.org"}, {"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_01", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/1203", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/54132", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/34936", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/34669", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1022133", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1022134", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1022135", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_01", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2009/1203", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to \"two parsing errors.\""}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en ccLgView.exe en Symantec Log Viewer, utilizado en Symantec AntiVirus (SAV), anterior a v10.1 MR8, Symantec Endpoint Protection (SEP) v11.0 anteriores a v11.0 MR1, Norton 360 v1.0, y Norton Internet Security 2005 hasta 2008, permite a atacantes remotos inyectar HTML o scripts web arbitrarios a su elecci\u00f3n a trav\u00e9s de un mensaje de correo electr\u00f3nico elaborado ,relacionadas con \"dos errores de an\u00e1lisis sint\u00e1ctico.\""}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:antivirus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5F1EF45-537A-4656-BDE8-FA9383A75676", "versionEndIncluding": "10.1"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E02FE2FB-514A-48F9-8833-B1EF4CC1E27E"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BD10A73-3DEF-48BD-9B35-D2BF791560E4"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03684DB6-9DC6-4EDD-902F-D1EC160330ED"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64D38110-4B50-472E-9743-52A137F2ED93"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1004A37-D22B-4690-8625-B631595C8B0D"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE7A5EDA-F1FF-4F66-BC78-DC6429D301CD"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A664090-5993-4DF2-AD6B-0F4867DB98B4"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "079D24C8-27D6-4794-8E56-58A7885DFE87"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "732CB44D-7468-486A-85CA-FA1365DB0F8A"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E236C99A-D524-462A-BD8E-97A07B3BFC69"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37456791-164A-489B-A905-8B61C6F91BAB"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C39155B8-55BD-4B58-85DB-505876930A1A"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "287B278D-A114-4795-8934-64E3C4472481"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8"}, {"criteria": "cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00819E08-CC5C-48FC-9F80-95B68AB19C65"}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:anti_spyware:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "803641B7-E099-4CE8-B805-DBB338479E23"}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4BBE123-56E1-46E0-93BE-38F0932D9C63"}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F39AE3D7-7018-47AB-B332-D40EA5273CEC"}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0.9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82446BA3-92F9-4689-9D67-3CE159AA0F49"}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.5.6.14:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98F9F2E3-1775-4EF9-9FE0-0D011307C269"}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005_contains_nav_11.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7FE1A0A-4352-459A-892D-29AB14AA3B00"}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4"}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DE91FB9-35C3-4DC7-BE00-7C60EE9FD880"}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "692ECBCD-AB6B-4965-93F4-BDAD4777C018"}, {"criteria": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EF87752-C86D-4C89-9DE9-F874068C89EC"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}