Summary
This host is installed with IBM Lotus Notes and is prone to cross site scripting vulnerability.
Impact
Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Impact Level: System/Application
Solution
Upgrade to IBM Lotus Notes 8.5.3 FP3
For updates refer to http://www-01.ibm.com/support/docview.wss?uid=swg21619604
Insight
An error exists within the Web applications which allows an attacker to read or set the cookie value by injecting script.
Affected
IBM Lotus Notes Version 8.x before 8.5.3 FP3 on Mac OS X
References
Severity
Classification
-
CVE CVE-2012-4846 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Adobe Flex SDK 'SWF' Files Cross-Site Scripting Vulnerability (Windows)
- Apple Safari Webkit Multiple Vulnerabilities - March 2011
- Adobe Digital Edition Information Disclosure Vulnerability (Windows)
- Apple iTunes Multiple Vulnerabilities - Apr10
- Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)