Candidate: CVE-2009-4837
PublicDate: 2010-05-06 12:47:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4837
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and
 Security Engine (BASE) before 1.4.3.1 allow remote attackers to inject
 arbitrary web script or HTML via the (1) sig[1] parameter to
 base/base_qry_main.php, or the time[0][1] parameter to (2)
 base/base_stat_alerts.php or (3) base/base_stat_uaddr.php.  NOTE: some of
 these details are obtained from third party information.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_acidbase:
upstream_acidbase: released (1.4.3.1)
dapper_acidbase: ignored (reached end-of-life)
hardy_acidbase: ignored (reached end-of-life)
jaunty_acidbase: ignored (reached end-of-life)
karmic_acidbase: ignored (reached end-of-life)
lucid_acidbase: not-affected (1.4.4-3ubuntu1)
maverick_acidbase: not-affected (1.4.4-3ubuntu1)
natty_acidbase: not-affected (1.4.4-3ubuntu1)
oneiric_acidbase: not-affected (1.4.4-3ubuntu1)
devel_acidbase: not-affected (1.4.4-3ubuntu1)