CVE-2010-2086

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 08-02-2010 01:00

Last modified: - 08-02-2010 01:00

Total changes: - 8

Description

CVE-2010-2086 Apache MyFaces: XSS via state view

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:P/I:P/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

Low

Integrity

-

Privileges required

-

Scope

-

User interaction

5.8

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=glassfish-jsf-0 AND versionEndExcluding=1.2_13-2.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=httpd22-0 AND versionEndExcluding=2.2.14-4.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=jakarta-commons-chain-0 AND versionEndExcluding=1.2-2.1.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=jakarta-commons-digester-0 AND versionEndExcluding=1.8.1-7.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=jakarta-commons-io-0 AND versionEndExcluding=1.4-1.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=jakarta-commons-modeler-0 AND versionEndExcluding=2.0-3.3.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=jakarta-commons-validator-0 AND versionEndExcluding=1.3.1-7.4.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=jakarta-oro-0 AND versionEndExcluding=2.0.8-3jpp.ep1.3.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=jboss-javaee-0 AND versionEndExcluding=5.0.1-2.3.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=mod_jk-0 AND versionEndExcluding=1.2.28-4.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=struts12-0 AND versionEndExcluding=1.2.9-2.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=Tomcat AND versionEndExcluding=5.5.28-7.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=Tomcat AND versionEndExcluding=6.0.24-2.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=Tomcat AND versionEndExcluding=1.1.19-2.0.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=xerces-j2-0 AND versionEndExcluding=2.9.1-2.2_patch_01.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=xml-commons-resolver12-1 AND versionEndExcluding=1.2-1.1.ep5.el4

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=glassfish-jsf-0 AND versionEndExcluding=1.2_13-3.ep5.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=httpd-0 AND versionEndExcluding=2.2.14-1.2.1.ep5.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=jakarta-commons-chain-0 AND versionEndExcluding=1.2-2.1.1.ep5.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=jakarta-commons-io-0 AND versionEndExcluding=1.4-1.1.ep5.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=jakarta-oro-0 AND versionEndExcluding=2.0.8-3.1.ep5.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=mod_jk-0 AND versionEndExcluding=1.2.28-4.1.ep5.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=struts12-0 AND versionEndExcluding=1.2.9-2.ep5.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=Tomcat AND versionEndExcluding=5.5.28-7.1.ep5.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=Tomcat AND versionEndExcluding=6.0.24-2.1.ep5.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

AND

product=Tomcat AND versionEndExcluding=1.1.19-2.0.1.ep5.el5

vendor=Red Hat Enterprise Linux AND product=jboss_enterprise_web_server AND version=1

Reference

Keywords

REDHAT

CVE-2010-2086

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.