Published: 01/11/2005 Updated: 08/03/2011

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in GNUMP3D prior to 2.9.5 allows remote malicious users to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu gnump3d 2.0
gnu gnump3d 2.1
gnu gnump3d 2.7
gnu gnump3d 2.8
gnu gnump3d 2.4
gnu gnump3d 2.5
gnu gnump3d 2.9.2
gnu gnump3d 2.9.3
gnu gnump3d 2.5b
gnu gnump3d 2.6
gnu gnump3d 2.9.4
gnu gnump3d 2.2
gnu gnump3d 2.3
gnu gnump3d 2.9
gnu gnump3d 2.9.1

Steve Kemp discovered two vulnerabilities in gnump3d, a streaming server for MP3 and OGG files The Common Vulnerabilities and Exposures Project identifies the following problems: CVE-2005-3122 The 404 error page does not strip malicious javascript content from the resulting page, which would be executed in the victims browser CVE-20 ...

NVD-CWE-Other http://lists.gnu.org/archive/html/gnump3d-users/2005-10/msg00013.html http://www.gnu.org/software/gnump3d/ChangeLog http://www.debian.org/security/2005/dsa-877 http://www.osvdb.org/20359 http://secunia.com/advisories/17351 http://www.securityfocus.com/bid/15226 http://www.novell.com/linux/security/advisories/2005_28_sr.html http://www.vupen.com/english/advisories/2005/2242 https://nvd.nist.gov https://www.debian.org/security/./dsa-877

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-3424

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect