CVE-2011-3642

Cross-site scripting (XSS) vulnerability in Flowplayer Flash 3.2.7 through 3.2.16, as used in the News system (news) extension for TYPO3 and Mahara, allows remote attackers to inject arbitrary web script or HTML via the plugin configuration directive in a reference to an external domain plugin.

CVSS v3 9.6 CRITICAL
CVSS v2.0 6.8 MEDIUM

9.6^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 2.8 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://appsec.ws/Presentations/FlashFlooding.pdf	Broken Link
http://secunia.com/advisories/52074	Third Party Advisory
http://secunia.com/advisories/54206	Third Party Advisory
http://secunia.com/advisories/58854	Third Party Advisory
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-009	Broken Link
http://web.appsec.ws/FlashExploitDatabase.php	Broken Link
https://bugs.launchpad.net/mahara/+bug/1103748	Third Party Advisory
https://code.google.com/p/flowplayer-core/issues/detail?id=441	Exploit Third Party Advisory
https://mahara.org/interaction/forum/topic.php?id=5237	Third Party Advisory
https://www.securityfocus.com/bid/48651	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:flowplayer:flowplayer_flash::::::mahara::*
	cpe:2.3:a:flowplayer:flowplayer_flash::::::typo3::*

History

No history.

Information

Published : 2020-02-08 16:15

Updated : 2024-02-04 20:39

NVD link : CVE-2011-3642

Mitre link : CVE-2011-3642

CVE.ORG link : CVE-2011-3642

JSON object : View

Products Affected

flowplayer

flowplayer_flash

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2011-3642", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.6, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.8}]}, "published": "2020-02-08T16:15:10.447", "references": [{"url": "http://appsec.ws/Presentations/FlashFlooding.pdf", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/52074", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/54206", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/58854", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-009", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://web.appsec.ws/FlashExploitDatabase.php", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "https://bugs.launchpad.net/mahara/+bug/1103748", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://code.google.com/p/flowplayer-core/issues/detail?id=441", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://mahara.org/interaction/forum/topic.php?id=5237", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.securityfocus.com/bid/48651", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Flowplayer Flash 3.2.7 through 3.2.16, as used in the News system (news) extension for TYPO3 and Mahara, allows remote attackers to inject arbitrary web script or HTML via the plugin configuration directive in a reference to an external domain plugin."}, {"lang": "es", "value": "Una vulnerabilidad de tipo cross-site scripting (XSS) en Flowplayer Flash versiones 3.2.7 hasta 3.2.16, como es usado en la extensi\u00f3n News system (news) para TYPO3 y Mahara, permite a atacantes remotos inyectar script web o HTML arbitrario por medio de la directiva de configuraci\u00f3n del plugin en una referencia a un plugin de dominio externo."}], "lastModified": "2020-02-12T16:54:36.443", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:flowplayer:flowplayer_flash:*:*:*:*:*:mahara:*:*", "vulnerable": true, "matchCriteriaId": "74DC3F20-3F23-40A2-82A8-DEB42CF37795", "versionEndIncluding": "3.2.16", "versionStartIncluding": "3.2.7"}, {"criteria": "cpe:2.3:a:flowplayer:flowplayer_flash:*:*:*:*:*:typo3:*:*", "vulnerable": true, "matchCriteriaId": "F77B0CCD-EE16-4873-B428-2BEA95E41B67", "versionEndIncluding": "3.2.16", "versionStartIncluding": "3.2.7"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}