Published: 04/10/2002 Updated: 05/09/2008

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote malicious users to inject arbitrary web script or HTML via a URL to a nonexistent hostname that includes the HTML, which is inserted into the resulting error page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
bluecoat cacheos 4.1.6
bluecoat cacheos 3.1.18
bluecoat cacheos 3.1.19
bluecoat cacheos 3.1.21
bluecoat cacheos 4.0
bluecoat cacheos 4.0.12
bluecoat cacheos 4.0.14
bluecoat cacheos 3.1.17
bluecoat cacheos 4.0.11
bluecoat cacheos 4.0.13

source: wwwsecurityfocuscom/bid/5305/info CacheOS is the firmware designed and distributed with CacheFlow web cache systems It is maintained and distributed by CacheFlow User supplied data is not sanitized before being included in an unresolved host error page An attacker may construct a link for a nonexistant subdomain of a valid sit ...

NVD-CWE-Other http://www.securityfocus.com/bid/5305 http://www.iss.net/security_center/static/9674.php http://download.cacheflow.com/release/CA/4.1.00-docs/CACacheOS41fixes.htm http://archives.neohapsis.com/archives/bugtraq/2002-07/0283.html http://www.securityfocus.com/bid/5608 https://nvd.nist.gov https://www.exploit-db.com/exploits/21649/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-1060

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect