Cross-Site Scripting Vulnerability in BitDefender Internet Security 2009
CVE-2009-0850

Currently unrated

Key Information:

Vendor: Bitdefender
Status: Internet Security
Vendor: CVE Published:; 9 March 2009

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2009-0850?

A cross-site scripting vulnerability exists in BitDefender Internet Security 2009 that can be exploited by remote attackers. This issue arises when user-assisted manipulation of file names allows the injection of arbitrary web scripts or HTML. Attackers can exploit this vulnerability through the use of infected files within archive formats such as .rar or .zip, potentially compromising the user's session or performing unwanted actions in the context of the affected application.

References

http://www.securityfocus.com/bid/33921

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/501299/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/34082

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 9, 2009
Vulnerability Reserved
Mar 9, 2009