Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via invalid Cascading Style Sheets (CSS) expressions in the style attribute, which is processed by Internet Explorer 7.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bioinformatics | Htmlawed | <= 1.1.3 |
Related Weaknesses (CWE)
References
- http://freshmeat.net/projects/htmlawed/?branch_id=74760&release_id=293026
- http://freshmeat.net/projects/htmlawed/?branch_id=74760&release_id=293090
- http://osvdb.org/51650
- http://secunia.com/advisories/33655Vendor Advisory
- http://www.bioinformatics.org/phplabware/forum/viewtopic.php?id=85Vendor Advisory
- http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/htmLawed_RE
- http://www.securityfocus.com/bid/33507
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48333
- http://freshmeat.net/projects/htmlawed/?branch_id=74760&release_id=293026
- http://freshmeat.net/projects/htmlawed/?branch_id=74760&release_id=293090
- http://osvdb.org/51650
- http://secunia.com/advisories/33655Vendor Advisory
- http://www.bioinformatics.org/phplabware/forum/viewtopic.php?id=85Vendor Advisory
- http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/htmLawed_RE
- http://www.securityfocus.com/bid/33507
FAQ
What is CVE-2009-0404?
CVE-2009-0404 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via invalid Cascading Style Sheets (CSS) ex...
How severe is CVE-2009-0404?
CVE-2009-0404 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0404?
Check the references section above for vendor advisories and patch information. Affected products include: Bioinformatics Htmlawed.