Cross-Site Scripting Vulnerability in GNUMP3D by GNU
CVE-2005-3424

Currently unrated

Key Information:

Vendor: Gnu
Status: Gnump3d
Vendor: CVE Published:; 1 November 2005

Summary

A cross-site scripting (XSS) vulnerability exists in GNUMP3D versions prior to 2.9.5, which allows remote attackers to inject arbitrary web scripts or HTML into 404 error pages. This vulnerability enables the execution of unwarranted scripts in the context of a user's browser, potentially compromising user data and session integrity.

References

http://www.novell.com/linux/security/advisories/2005_28_s...

vendor-advisoryx_refsource_SUSE

http://www.osvdb.org/20359

vdb-entryx_refsource_OSVDB

http://www.gnu.org/software/gnump3d/ChangeLog

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 1, 2005
Vulnerability Reserved
Nov 1, 2005