Cross-Site Scripting Vulnerability in IBM OS/400
CVE-2008-0694

Currently unrated

Key Information:

Vendor: IBM
Status: Os 400
Vendor: CVE Published:; 12 February 2008

Summary

An XSS vulnerability exists in the HTTP Server of IBM's OS/400 versions V5R3M0 and V5R4M0, enabling remote attackers to inject arbitrary web scripts or HTML through the Expect HTTP header. If exploited, this vulnerability could compromise web applications and lead to unauthorized access to sensitive information.

References

http://secunia.com/advisories/28744

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2008/0397

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/27595

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Feb 12, 2008
Vulnerability Reserved
Feb 11, 2008