Summary
The host is running HP SMH with Insight Diagnostics and is prone to cross-site scripting vulnerability.
Impact
Successful exploitation will allow attackers to inject arbitrary HTML code in the context of an affected site.
Impact Level: Application
Solution
Upgrade to 8.5.1.3712 or higher versions or refer vendor advisory for update, http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02652463
Insight
The flaw is caused due imporper validation of user supplied input via unspecified vectors, which allows attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
Affected
HP Insight Diagnostics Online Edition before 8.5.1.3712 on Linux.
References
Severity
Classification
-
CVE CVE-2010-4111 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Linux)
- Apple Safari Multiple Vulnerabilities Dec13 (Mac OS X)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)
- Adobe Reader Multiple Vulnerabilities - Aug07 (Linux)
- Adobe Flex SDK 'SWF' Files Cross-Site Scripting Vulnerability (Windows)