Showing 1 - 1 of 1

CVE-2010-0440

Status Candidate

Overview

Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not properly handled by an eval statement in binary/mainv.js that writes to start.html.

Related Files

Core Security Technologies Advisory 2010.0106: Posted Feb 2, 2010; Authored by Core Security Technologies | Site coresecurity.com; Core Security Technologies Advisory - The Cisco Secure Desktop web application does not sufficiently verify if a well-formed request was provided by the user who submitted the POST request, resulting in a cross-site scripting vulnerability. In order to be able to successfully make the attack, the Secure Desktop application on the Cisco Appliance must be turned on.; tags | exploit, web, xss; systems | cisco; advisories | CVE-2010-0440; SHA-256 | f8c48a5475b2b0502d92201a787561418f197b00968eea66badd89e44af41aab; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 263 files
indoushka 179 files
Jay Turla 150 files
Ubuntu 85 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Gentoo 25 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,125)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,592)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,340)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,897)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,876)
UNIX (9,458)
UnixWare (188)
Windows (6,772)
Other

CVE-2010-0440

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems