CVE-2009-0307

NONECVSS 0.0

0.0

Cross-site scripting (XSS) vulnerability in the "Customize Statistics Page" (admin/statistics/ConfigureStatistics) in the MDS Connection Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) before 4.1.6 MR5 allows remote attackers to inject arbitrary web script or HTML via the (1) customDate, (2) interval, (3) lastCustomInterval, (4) lastIntervalLength, (5) nextCustomInterval, (6) nextIntervalLength, (7) action, (8) delIntervalIndex, (9) addStatIndex, (10) delStatIndex, and (11) referenceTime parameters.

🔗 References (14)

cve@mitrehttp://archives.neohapsis.com/archives/fulldisclosure/2009-04/0170.html
cve@mitrehttp://osvdb.org/53772
cve@mitrehttp://secunia.com/advisories/34740
cve@mitrehttp://www.blackberry.com/btsc/dynamickc.do?externalId=KB17969&sliceID=1&command=show&forward=nonthreadedKC&kcId=KB17969
cve@mitrehttp://www.securityfocus.com/bid/34573
cve@mitrehttp://www.securitytracker.com/id?1022081
cve@mitrehttp://www.vupen.com/english/advisories/2009/1090
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/fulldisclosure/2009-04/0170.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/53772
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34740
af854a3a-2127-422b-91ae-364da2661108http://www.blackberry.com/btsc/dynamickc.do?externalId=KB17969&sliceID=1&command=show&forward=nonthreadedKC&kcId=KB17969
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34573
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022081
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1090

Is Your Infrastructure Affected by CVE-2009-0307?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-0307

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-0307?