admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2003/CVE-2003-01xx/CVE-2003-0154.json
cad-safe-bot 60232de4e9 Auto-Update: 2025-04-03T02:02:27.113119+00:00
2025-04-03 02:06:18 +00:00

154 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2003-0154",
"sourceIdentifier": "cve@mitre.org",
"published": "2003-04-02T05:00:00.000",
"lastModified": "2025-04-03T01:03:51.193",
"vulnStatus": "Deferred",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"baseScore": 6.8,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": true,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:bonsai:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB5E323-DE93-400A-9249-08E805A1347C"
}
]
}
]
}
],
"references": [
{
"url": "http://bugzilla.mozilla.org/attachment.cgi?id=95950&action=view",
"source": "cve@mitre.org"
},
{
"url": "http://bugzilla.mozilla.org/attachment.cgi?id=95985&action=view",
"source": "cve@mitre.org"
},
{
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=146244",
"source": "cve@mitre.org"
},
{
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=163573",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=bugtraq&m=102980129101054&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://www.debian.org/security/2003/dsa-265",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.iss.net/security_center/static/9920.php",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/5516",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://bugzilla.mozilla.org/attachment.cgi?id=95950&action=view",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://bugzilla.mozilla.org/attachment.cgi?id=95985&action=view",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=146244",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=163573",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://marc.info/?l=bugtraq&m=102980129101054&w=2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.debian.org/security/2003/dsa-265",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.iss.net/security_center/static/9920.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/5516",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink