{ "id": "CVE-2005-2950", "sourceIdentifier": "cve@mitre.org", "published": "2005-09-16T22:03:00.000", "lastModified": "2024-11-21T00:00:46.887", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in Sawmill 7.0.0 through 7.1.13 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP GET request." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "baseScore": 4.3, "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F60FCBD-D8B1-4E69-B8C3-32659106B636" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "44518027-BCA4-45E5-8416-75FE36AD6D63" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "21913F12-4790-487D-84F4-48EB09AB042A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "8D6CC4EE-265E-47D2-B820-ACB4EF100953" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3CDC8E37-ADF0-452D-A344-8A93ACB89D26" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "A78385D9-4652-48ED-A5E7-F50340D70F0F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "27A6E5F4-73AF-4BDB-A2B4-2F24064F1D21" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "3FD29FBC-959E-4EBA-9C5A-7B6BCF53A2C7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "1C91865B-6527-466D-A88D-17E1CC8A1B89" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "BAAFA876-B95A-40E5-9E42-8B37315BDE94" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "1E3D5C1E-80B7-413B-B49D-8DE6CC919770" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10a:*:*:*:*:*:*:*", "matchCriteriaId": "06D5321E-DE25-4FC4-81EC-E6C9EC7BA836" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10b:*:*:*:*:*:*:*", "matchCriteriaId": "B790CF30-97C7-46A2-A300-E4D417870DEB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10c:*:*:*:*:*:*:*", "matchCriteriaId": "1A328FB8-ECC3-47D8-82B4-89372DD9A324" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10d:*:*:*:*:*:*:*", "matchCriteriaId": "5FC7D8F1-454E-43A5-A886-3EA91E05F3DE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10e:*:*:*:*:*:*:*", "matchCriteriaId": "1916BD3D-51AF-4A25-8EAA-018C84B58B6C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10f:*:*:*:*:*:*:*", "matchCriteriaId": "5B1DB0AB-5BC6-4C26-8223-E6F11FDC8293" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10g:*:*:*:*:*:*:*", "matchCriteriaId": "6BD07081-4460-4633-AE01-36BEE03193A9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10h:*:*:*:*:*:*:*", "matchCriteriaId": "CE8B60B1-DA99-46BC-AA84-0D5D620D6160" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10i:*:*:*:*:*:*:*", "matchCriteriaId": "FB2979BD-01B9-4BF3-9C24-E529D11F435C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10j:*:*:*:*:*:*:*", "matchCriteriaId": "6DF43285-C448-436D-9089-C6D97802DCDD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.0.10k:*:*:*:*:*:*:*", "matchCriteriaId": "65814DFE-6E73-4C78-BAAA-B7FBA9FBF526" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "A088B4E4-9A13-4F39-9708-40529410AB03" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F21B42F-56C2-422C-BFC8-701EDDCBE9E4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "51A84B18-C5EA-4038-8123-1C9C2511BBCE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "68176849-3128-4112-BCF0-577253552456" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "FE9E422E-7EB8-407D-9DC4-4CCB83FAC834" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "7887413C-0F1B-4EBC-8E97-8ECC9EB8336D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "D9F909B4-62F6-4FD4-A0FB-F0BE918A2553" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "4F95EF53-7961-42A8-9BC5-0C53D6E81925" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "1737B143-D96E-4B6F-9623-E5F41EB70074" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "2CF662B3-B127-4EB4-AD53-E528E626356C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "830F3AE5-B93F-48E4-B6EB-A5D2974274E4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "FCF0A754-420A-483E-BCD4-A46FC034D587" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "BF319AD0-BEEB-4348-A0BE-EAB4DB1D7F22" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "C200EAB1-5F45-408D-BF1B-BEDAD2B1C06B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sawmill:sawmill:7.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "FA5873ED-6E24-414A-92E9-01CE03C83284" } ] } ] } ], "references": [ { "url": "http://marc.info/?l=bugtraq&m=112654659400488&w=2", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/16744/", "source": "cve@mitre.org" }, { "url": "http://securityreason.com/securityalert/1", "source": "cve@mitre.org" }, { "url": "http://www.nta-monitor.com/news/xss/sawmill/index.htm", "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ] }, { "url": "http://www.sawmill.net/version_history.html", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22206", "source": "cve@mitre.org" }, { "url": "http://marc.info/?l=bugtraq&m=112654659400488&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/16744/", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://securityreason.com/securityalert/1", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.nta-monitor.com/news/xss/sawmill/index.htm", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ] }, { "url": "http://www.sawmill.net/version_history.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22206", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }