CVE-2007-3062: XSS
First published: Wed Jun 06 2007(Updated: )
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.2 running on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP System Management Homepage | =2.0.2 | |
| HP System Management Homepage | =2.1.1 | |
| HP System Management Homepage | =2.0.0 | |
| HP System Management Homepage | =2.0.1 | |
| HP System Management Homepage | =2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01056592
- http://jvn.jp/jp/JVN%2319240523/index.html
- http://osvdb.org/36829
- http://secunia.com/advisories/25493
- http://www.kb.cert.org/vuls/id/292457
- http://www.securityfocus.com/bid/24256
- http://www.securitytracker.com/id?1018179
- http://www.vupen.com/english/advisories/2007/2013
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34656
Frequently Asked Questions
What is the severity of CVE-2007-3062?
CVE-2007-3062 is classified as a medium severity Cross-Site Scripting (XSS) vulnerability.
How do I fix CVE-2007-3062?
To fix CVE-2007-3062, upgrade HP System Management Homepage to version 2.1.2 or later.
Which versions of HP System Management Homepage are affected by CVE-2007-3062?
CVE-2007-3062 affects HP System Management Homepage versions 2.0.0, 2.0.1, 2.0.2, and 2.1.1.
What types of attacks can be executed using CVE-2007-3062?
CVE-2007-3062 allows attackers to inject arbitrary web scripts or HTML, which can lead to data theft or account compromise.
Is CVE-2007-3062 present in Linux installations of HP System Management Homepage?
Yes, CVE-2007-3062 can be exploited on Linux installations of HP System Management Homepage prior to version 2.1.2.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/event
- agent/references
- agent/description
- agent/severity
- agent/weakness
- agent/author
- vendor/hp
- canonical/hp system management homepage
- version/hp system management homepage/2.0.0
- version/hp system management homepage/2.0.1
- version/hp system management homepage/2.0.2
- version/hp system management homepage/2.1
- version/hp system management homepage/2.1.1