Summary
The host is installed with WoW Raid Manager and is prone to Cross-Site Scripting vulnerability.
Impact
Successful remote exploitation will let the attacker execute arbitrary code in the scope of the application. As a result the attacker may gain sensitive information and use it to redirect the user to any other malicious URL.
Impact Level: Application
Solution
Upgrade to version 3.5.1
http://www.wowraidmanager.net/downloadrel.php
Insight
The flaw exists due to WoW Raid Manager fails to properly sanitise user supplied input.
Affected
WoW Raid Manager versions prior to 3.5.1.
References
Severity
Classification
-
CVE CVE-2008-6161 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)
- Adobe Reader Information Disclosure & Denial of Service Vulnerabilities (Windows)
- Adobe Reader Information Disclosure & Code Execution Vulnerabilities (Linux)
- Asterisk CIDR Notation in Access Rule Remote Security Bypass Vulnerability
- Adobe Reader Plugin Signature Bypass Vulnerability (Linux)