mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
101 lines
3.0 KiB
JSON
101 lines
3.0 KiB
JSON
{
|
|
"id": "CVE-2011-2644",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2011-08-23T21:55:01.493",
|
|
"lastModified": "2017-08-29T01:29:28.940",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an RPM info display."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Kiwi antes de v3.74.2, que se utiliza en SUSE Studio v1.1 antes de v1.1.4, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados, relacionados con una pantalla de informaci\u00f3n RPM."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 4.3
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:marcus_schafer:kiwi:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "3.74.1",
|
|
"matchCriteriaId": "58037766-D68D-4A0F-BD93-2813F9954031"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:novell:suse_studio_onsite:1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EE3F94E8-31C6-4C82-AE55-767A23AE3495"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00013.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://support.novell.com/security/cve/CVE-2011-2644.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/49236",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.novell.com/show_bug.cgi?id=700591",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69279",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |