Vulnerability Description
Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canon | Network Camera Server Vb100 | 3.0 |
| Canon | Network Camera Server Vb101 | 3.0 |
| Canon | Network Camera Server Vb150 | 1.1 |
References
- http://cweb.canon.jp/drv-upd/webview/notification.html
- http://jvn.jp/jp/JVN%2306735665/
- http://osvdb.org/35019
- http://secunia.com/advisories/24940PatchVendor Advisory
- http://www.securityfocus.com/bid/23560
- http://www.vupen.com/english/advisories/2007/1461
- http://cweb.canon.jp/drv-upd/webview/notification.html
- http://jvn.jp/jp/JVN%2306735665/
- http://osvdb.org/35019
- http://secunia.com/advisories/24940PatchVendor Advisory
- http://www.securityfocus.com/bid/23560
- http://www.vupen.com/english/advisories/2007/1461
FAQ
What is CVE-2007-2680?
CVE-2007-2680 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allo...
How severe is CVE-2007-2680?
CVE-2007-2680 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2680?
Check the references section above for vendor advisories and patch information. Affected products include: Canon Network Camera Server Vb100, Canon Network Camera Server Vb101, Canon Network Camera Server Vb150.