Candidate: CVE-2009-4882
PublicDate: 2010-06-02 19:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4882
Description:
 Cross-site scripting (XSS) vulnerability in zc/publisher/html.rb in
 ZoneCheck 2.0.4-13 and 2.1.0 allows remote attackers to inject arbitrary
 web script or HTML via the ns parameter to zc.cgi.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583290
 https://savannah.nongnu.org/bugs/?29967
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_zonecheck:
 upstream: http://cvs.savannah.gnu.org/viewvc/zonecheck/zc/publisher/html.rb?root=zonecheck&r1=1.79&r2=1.80
 vendor: http://www.debian.org/security/2010/dsa-2056
upstream_zonecheck: released (2.1.1)
dapper_zonecheck: ignored (reached end-of-life)
hardy_zonecheck: ignored (reached end-of-life)
jaunty_zonecheck: released (2.0.4-13lenny1build0.9.04.1)
karmic_zonecheck: released (2.0.4-13lenny1build0.9.10.1)
lucid_zonecheck: ignored (reached end-of-life)
maverick_zonecheck: not-affected (2.1.1-1)
natty_zonecheck: not-affected (2.1.1-1)
oneiric_zonecheck: not-affected (2.1.1-1)
precise_zonecheck: not-affected (2.1.1-1)
quantal_zonecheck: not-affected (2.1.1-1)
raring_zonecheck: not-affected (2.1.1-1)
saucy_zonecheck: not-affected (2.1.1-1)
devel_zonecheck: not-affected (2.1.1-1)