Vulnerability-Lookup - Search a vulnerability

Refine your search

Product

Sort by

Order

Sources

1 vulnerability found for Meeting Room Reservations by AdSystems Co.,Ltd.

jvndb-2009-000031

Vulnerability from jvndb

Published

2009-05-27 18:28

Modified

2009-05-27 18:28

Severity ?

() - -

Summary

Cross-site scripting vulnerability in leger (free edition)

Details

leger (free edition) from 'AD2000' contains a cross-site scripting vulnerability. leger (free edition) from 'AD2000' is a software to manage conference room reservations. leger (free edition) contains a cross-site scripting vulnerability. The vendor has reported that Ver. 1.6.4 released on May 22, 2009 did not address the vulnerability. The vulernability has been addressed in Ver. 1.6.5 released on May 26, 2009. For more information, refer to the vendor's website. Tsuyoshi Ishibashi of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN57036470/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2240
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2240
	SECUNIA	http://secunia.com/advisories/35148
	BID	http://www.securityfocus.com/bid/35068
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

AdSystems Co.,Ltd.

Meeting Room Reservations

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000031.html",
  "dc:date": "2009-05-27T18:28+09:00",
  "dcterms:issued": "2009-05-27T18:28+09:00",
  "dcterms:modified": "2009-05-27T18:28+09:00",
  "description": "leger (free edition) from \u0027AD2000\u0027 contains a cross-site scripting vulnerability. \r\n\r\nleger (free edition) from \u0027AD2000\u0027 is a software to manage conference room reservations. leger (free edition) contains a cross-site scripting vulnerability. \r\n\r\nThe vendor has reported that Ver. 1.6.4 released on May 22, 2009 did not address the vulnerability. The vulernability has been addressed in Ver. 1.6.5 released on May 26, 2009. For more information, refer to the vendor\u0027s website.\r\n\r\nTsuyoshi Ishibashi of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendor under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000031.html",
  "sec:cpe": {
    "#text": "cpe:/a:ad2000:meeting_room_reservations",
    "@product": "Meeting Room Reservations",
    "@vendor": "AdSystems Co.,Ltd.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-000031",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN57036470/index.html",
      "@id": "JVN#57036470",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2240",
      "@id": "CVE-2009-2240",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2240",
      "@id": "CVE-2009-2240",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/35148",
      "@id": "SA35148",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/35068",
      "@id": "35068",
      "@source": "BID"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "Cross-site scripting vulnerability in leger (free edition)"
}