ID CVE-2005-2523
Summary Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
References
Vulnerable Configurations
  • Apple Weblog Server
    cpe:2.3:a:apple:weblog_server
  • Apple Mac OS X 10.4
    cpe:2.3:o:apple:mac_os_x:10.4
  • Apple Mac OS X 10.4.1
    cpe:2.3:o:apple:mac_os_x:10.4.1
  • Apple Mac OS X 10.4.2
    cpe:2.3:o:apple:mac_os_x:10.4.2
CVSS
Base: 4.3 (as of 19-08-2005 - 10:32)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
exploit-db via4
description Apple Mac OS X 10.4 Weblog Server Cross-Site Scripting Vulnerabilities. CVE-2005-2523. Remote exploit for osx platform
id EDB-ID:26152
last seen 2016-02-03
modified 2005-08-15
published 2005-08-15
reporter Donnie Werner
source https://www.exploit-db.com/download/26152/
title Apple Mac OS X 10.4 Weblog Server Cross-Site Scripting Vulnerabilities
nessus via4
NASL family MacOS X Local Security Checks
NASL id MACOSX_SECUPD2005-007.NASL
description The remote host is running a version of Mac OS X 10.4 or 10.3 that does not have Security Update 2005-007 applied. This security update contains fixes for the following products : - Apache 2 - AppKit - Bluetooth - CoreFoundation - CUPS - Directory Services - HItoolbox - Kerberos - loginwindow - Mail - MySQL - OpenSSL - QuartzComposerScreenSaver - ping - Safari - SecurityInterface - servermgrd - servermgr_ipfilter - SquirelMail - traceroute - WebKit - WebLog Server - X11 - zlib
last seen 2019-02-21
modified 2018-07-14
plugin id 19463
published 2005-08-18
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=19463
title Mac OS X Multiple Vulnerabilities (Security Update 2005-007)
packetstorm via4
data source https://packetstormsecurity.com/files/download/39428/EXPL-A-2005-010.txt
id PACKETSTORM:39428
last seen 2016-12-05
published 2005-08-17
reporter Donnie Werner
source https://packetstormsecurity.com/files/39428/Exploit-Labs-Security-Advisory-2005.10.html
title Exploit Labs Security Advisory 2005.10
refmap via4
apple
  • APPLE-SA-2005-08-15
  • APPLE-SA-2005-08-17
Last major update 05-09-2008 - 16:51
Published 19-08-2005 - 00:00
Back to Top