Candidate: CVE-2010-2155
PublicDate: 2010-06-03 16:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2155
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in zc/publisher/html.rb
 in ZoneCheck 2.1.0 allow remote attackers to inject arbitrary web script or
 HTML via vectors related to (1) xmlnode.value, (2) zc-error text, (3)
 $zc_version, (4) domainname in a zc-title row, different vulnerabilities
 than CVE-2009-4882.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583290
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_zonecheck:
 upstream: http://cvs.savannah.gnu.org/viewvc/zonecheck/zc/publisher/html.rb?root=zonecheck&view=log#rev1.80
 vendor: http://www.debian.org/security/2010/dsa-2056
upstream_zonecheck: released (2.1.1)
dapper_zonecheck: ignored (reached end-of-life)
hardy_zonecheck: ignored (reached end-of-life)
jaunty_zonecheck: released (2.0.4-13lenny1build0.9.04.1)
karmic_zonecheck: released (2.0.4-13lenny1build0.9.10.1)
lucid_zonecheck: ignored (reached end-of-life)
maverick_zonecheck: not-affected (2.1.1-1)
natty_zonecheck: not-affected (2.1.1-1)
oneiric_zonecheck: not-affected (2.1.1-1)
precise_zonecheck: not-affected (2.1.1-1)
quantal_zonecheck: not-affected (2.1.1-1)
raring_zonecheck: not-affected (2.1.1-1)
saucy_zonecheck: not-affected (2.1.1-1)
devel_zonecheck: not-affected (2.1.1-1)