CVE-2009-0404

Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via invalid Cascading Style Sheets (CSS) expressions in the style attribute, which is processed by Internet Explorer 7.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
VendorProductVersion
bioinformaticshtmlawed
𝑥
≤ 1.1.3
bioinformaticshtmlawed
1.0
bioinformaticshtmlawed
1.0.1
bioinformaticshtmlawed
1.0.2
bioinformaticshtmlawed
1.0.3
bioinformaticshtmlawed
1.0.4
bioinformaticshtmlawed
1.0.5
bioinformaticshtmlawed
1.0.6
bioinformaticshtmlawed
1.0.7
bioinformaticshtmlawed
1.0.8
bioinformaticshtmlawed
1.0.9
bioinformaticshtmlawed
1.1
bioinformaticshtmlawed
1.1.1
bioinformaticshtmlawed
1.1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://freshmeat.net/projects/htmlawed/?branch_id=74760&release_id=293026
http://freshmeat.net/projects/htmlawed/?branch_id=74760&release_id=293090
http://osvdb.org/51650
http://secunia.com/advisories/33655
http://www.bioinformatics.org/phplabware/forum/viewtopic.php?id=85
http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/htmLawed_README.htm#s4.3
http://www.securityfocus.com/bid/33507
https://exchange.xforce.ibmcloud.com/vulnerabilities/48333
http://freshmeat.net/projects/htmlawed/?branch_id=74760&release_id=293026
http://freshmeat.net/projects/htmlawed/?branch_id=74760&release_id=293090
http://osvdb.org/51650
http://secunia.com/advisories/33655
http://www.bioinformatics.org/phplabware/forum/viewtopic.php?id=85
http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/htmLawed_README.htm#s4.3
http://www.securityfocus.com/bid/33507
https://exchange.xforce.ibmcloud.com/vulnerabilities/48333