CVE-2009-3701

NameCVE-2009-3701
DescriptionMultiple cross-site scripting (XSS) vulnerabilities in the ...
SourceCVE (at NVD; oss-sec, OSVDB, EDB, Red Hat, Ubuntu, Gentoo, SuSE, more)
ReferencesDSA-1966-1
Debian/oldstablenot vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
horde3 (PTS)squeeze, squeeze (security)3.3.8+debian0-3fixed

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
horde3source(unstable)3.3.6+debian0-1low
horde3sourceetch3.1.3-4etch7DSA-1966-1
horde3sourcelenny3.2.2+debian0-2+lenny2DSA-1966-1

Notes

In order to successfully exploit this vulnerability the targeted user has to be logged as an administrator.

Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)