Vulnerability Description
Cross-site scripting (XSS) vulnerability in BitDefender Internet Security 2009 allows user-assisted remote attackers to inject arbitrary web script or HTML via the filename of a virus-infected file, as demonstrated by a filename inside a (1) rar or (2) zip archive file.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitdefender | Internet Security | 2009 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/34082Vendor Advisory
- http://www.securityfocus.com/archive/1/501277/100/0/threaded
- http://www.securityfocus.com/archive/1/501299/100/0/threaded
- http://www.securityfocus.com/bid/33921
- http://www.vupen.com/english/advisories/2009/0557Vendor Advisory
- http://secunia.com/advisories/34082Vendor Advisory
- http://www.securityfocus.com/archive/1/501277/100/0/threaded
- http://www.securityfocus.com/archive/1/501299/100/0/threaded
- http://www.securityfocus.com/bid/33921
- http://www.vupen.com/english/advisories/2009/0557Vendor Advisory
FAQ
What is CVE-2009-0850?
CVE-2009-0850 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in BitDefender Internet Security 2009 allows user-assisted remote attackers to inject arbitrary web script or HTML via the filename of a virus-infected file, a...
How severe is CVE-2009-0850?
CVE-2009-0850 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0850?
Check the references section above for vendor advisories and patch information. Affected products include: Bitdefender Internet Security.