Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2012-0869
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 4.3/10
- Exploit Score
- 8.6/10
- Access Vector
- Network
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- None
- Availability Impact
- None
- Integrity Impact
- Partial
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:ulli_horlacher:fex:20110830:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:*:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110621:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:2011205:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110610:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20111115:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110622:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110616:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110807:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110811:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110907:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120204:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120709:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20120305:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20120202:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120705:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20120102:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110727:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110701:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110813:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110901:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110808:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110716:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120117:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20111003:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120605:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20111129:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20111231:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120203:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110609:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20100208:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110919:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20111108:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110810:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20111013:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110906:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110921:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110614:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110930:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120407:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20110615:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120621:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20120406:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20111028:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110722:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20111102:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110630:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110905:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110730:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120718:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20120404:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20120606:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20120502:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20120711:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20120125:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110920:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120301:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20110826:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20111230:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110803:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120601:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20110809:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120426:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20120702:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20110829:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20111005:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120201:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120504:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20120710:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20110726:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110731:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20110627:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120701:*:*:*:*:*:*:* | No | - | - | |
cpe:2.3:a:ulli_horlacher:fex:20110714:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:ulli_horlacher:fex:20120106:*:*:*:*:*:*:* |
Yes
|
- | - |
References
- http://archives.neohapsis.com/archives/bugtraq/2012-02/0112.html
- http://fex.rus.uni-stuttgart.de/fex.html
- http://www.openwall.com/lists/oss-security/2012/02/20/1
- http://osvdb.org/79420
- http://secunia.com/advisories/47971
- http://www.openwall.com/lists/oss-security/2012/02/23/2
- http://www.securityfocus.com/bid/52085
- http://www.debian.org/security/2012/dsa-2414
- http://www.openwall.com/lists/oss-security/2012/02/20/8
- http://archives.neohapsis.com/archives/bugtraq/2012-02/0109.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78966