Candidate: CVE-2010-4647
PublicDate: 2011-01-13 19:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4647
 http://openwall.com/lists/oss-security/2011/01/06/7
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents
 web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow
 remote attackers to inject arbitrary web script or HTML via the query
 string to (1) help/index.jsp or (2) help/advanced/content.jsp.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.eclipse.org/bugs/show_bug.cgi?id=329582
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_eclipse:
upstream_eclipse: released (3.5.2-9)
dapper_eclipse: ignored (reached end-of-life)
hardy_eclipse: ignored (reached end-of-life)
karmic_eclipse: ignored (reached end-of-life)
lucid_eclipse: ignored (reached end-of-life)
maverick_eclipse: ignored (reached end-of-life)
natty_eclipse: ignored (reached end-of-life)
oneiric_eclipse: not-affected (3.5.2-10ubuntu2)
precise_eclipse: not-affected (3.5.2-10ubuntu2)
quantal_eclipse: not-affected (3.5.2-10ubuntu2)
raring_eclipse: not-affected (3.5.2-10ubuntu2)
saucy_eclipse: not-affected (3.5.2-10ubuntu2)
devel_eclipse: not-affected (3.5.2-10ubuntu2)