Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 15/09/2010 Updated: 31/07/2013

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 with firmware prior to 1.0.13 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: a separate XSS issue for HP System Management Homepage (SMH) was originally assigned CVE-2010-3010 due to a CNA error, but CVE-2010-3012 is the appropriate identifier for the SMH issue.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp 3com_officeconnect_gigabit_vpn_firewall_software 1.0.8
hp 3com_officeconnect_gigabit_vpn_firewall_software
hp 3crevf100-73

CWE-79 http://securitytracker.com/id?1024449 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02507909 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-3010

Vulnerability Summary

References

Vulmon Search

About

Products

Connect