cvelistv5 - cve-2007-3062

CVE-2007-3062 (GCVE-0-2007-3062)

Vulnerability from cvelistv5

Published

2007-06-06 01:00

Modified

2024-08-07 14:05

Severity ?

CWE

Summary

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilities/34656	vdb-entry, x_refsource_XF
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592	vendor-advisory, x_refsource_HP
	http://jvn.jp/jp/JVN%2319240523/index.html	third-party-advisory, x_refsource_JVN
	http://www.securitytracker.com/id?1018179	vdb-entry, x_refsource_SECTRACK
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/25493	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/2013	vdb-entry, x_refsource_VUPEN
	http://www.kb.cert.org/vuls/id/292457	third-party-advisory, x_refsource_CERT-VN
	http://osvdb.org/36829	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/bid/24256	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:05:27.879Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "hp-smh-unspecified-xss(34656)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34656"
          },
          {
            "name": "SSRT071310",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
          },
          {
            "name": "JVN#19240523",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/jp/JVN%2319240523/index.html"
          },
          {
            "name": "1018179",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018179"
          },
          {
            "name": "HPSBMA02216",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
          },
          {
            "name": "25493",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25493"
          },
          {
            "name": "ADV-2007-2013",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2013"
          },
          {
            "name": "VU#292457",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/292457"
          },
          {
            "name": "36829",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36829"
          },
          {
            "name": "24256",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24256"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "hp-smh-unspecified-xss(34656)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34656"
        },
        {
          "name": "SSRT071310",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
        },
        {
          "name": "JVN#19240523",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/jp/JVN%2319240523/index.html"
        },
        {
          "name": "1018179",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018179"
        },
        {
          "name": "HPSBMA02216",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
        },
        {
          "name": "25493",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25493"
        },
        {
          "name": "ADV-2007-2013",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2013"
        },
        {
          "name": "VU#292457",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/292457"
        },
        {
          "name": "36829",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36829"
        },
        {
          "name": "24256",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24256"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3062",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "hp-smh-unspecified-xss(34656)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34656"
            },
            {
              "name": "SSRT071310",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
            },
            {
              "name": "JVN#19240523",
              "refsource": "JVN",
              "url": "http://jvn.jp/jp/JVN%2319240523/index.html"
            },
            {
              "name": "1018179",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018179"
            },
            {
              "name": "HPSBMA02216",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592"
            },
            {
              "name": "25493",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25493"
            },
            {
              "name": "ADV-2007-2013",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2013"
            },
            {
              "name": "VU#292457",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/292457"
            },
            {
              "name": "36829",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36829"
            },
            {
              "name": "24256",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24256"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3062",
    "datePublished": "2007-06-06T01:00:00.000Z",
    "dateReserved": "2007-06-05T00:00:00.000Z",
    "dateUpdated": "2024-08-07T14:05:27.879Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-3062

Vulnerability from jvndb

Published

2008-05-21 00:00

Modified

2008-05-21 00:00

Severity ?

() - -

Summary

HP System Management Homepage cross-site scripting vulnerability

Details

A cross-site scripting vulnerability exists in Hewlett-Packard HP System Management Homepage (SMH). HP System Management Homepage (SMH) from Hewlett-Packard is a web-based interface that can manage HP servers. A cross-site scripting vulnerability exists in SMH. It is also confirmed that Compaq System Management Homepage, the product previous to SMH, contains a similar cross-site scripting vulnerability. The vendor recommends users to upgrade to SMH, as Compaq System Management Homepage is an outdated product and is no longer available. For more information, refer to the vendor's website.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN19240523/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3062
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3062
	JPCERT-WR	http://www.jpcert.or.jp/wr/2007/wr072101.txt
	CERT-VN	http://www.kb.cert.org/vuls/id/292457
	SECUNIA	http://secunia.com/advisories/25493
	BID	http://www.securityfocus.com/bid/24256
	XF	http://xforce.iss.net/xforce/xfdb/34656
	SECTRACK	http://www.securitytracker.com/id?1018179
	FRSIRT	http://www.frsirt.com/english/advisories/2007/2013

Impacted products

Vendor

Product

Hewlett-Packard Development Company,L.P

HP System Management Homepage

Show details on JVN DB website