CVE-2012-4003 in Ubuntu

CVE-2012-4003

Priority

Medium

Description

Multiple cross-site scripting (XSS) vulnerabilities in GLPI-PROJECT GLPI
before 0.83.3 allow remote attackers to inject arbitrary web script or HTML
via unknown vectors.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4003
http://www.openwall.com/lists/oss-security/2012/07/13/1

Package

Source: glpi (LP Ubuntu Debian)

Upstream:	released (0.83.3)
Ubuntu 8.04 LTS (Hardy Heron):	ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):	needed
Ubuntu 11.10 (Oneiric Ocelot):	ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):	needed
Ubuntu 12.10 (Quantal Quetzal):	not-affected (0.83.31-1)
Ubuntu 13.04 (Raring Ringtail):	not-affected (0.83.31-1)
Ubuntu 13.10 (Saucy Salamander):	not-affected (0.83.31-1)

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2013-05-09 15:16:52 UTC (commit 6824)