CVE-2012-6662 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:N/I:P/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 91%

Affected Products (NVD)

Vendor	Product	Version
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_hpc_node	7.0
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_workstation	7.0
jqueryui	jquery_ui	1.10.0:rc1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

jqueryui

bookworm	1.13.2+dfsg-1 fixed
bullseye	1.12.1+dfsg-8+deb11u2 fixed
sid	1.13.2+dfsg-1 fixed
squeeze	not-affected
trixie	1.13.2+dfsg-1 fixed
wheezy	not-affected

Ubuntu Releases

Ubuntu Product

Codename

jqueryui

lucid	ignored
precise	not-affected
trusty	not-affected
utopic	not-affected

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://bugs.jqueryui.com/ticket/8859

http://bugs.jqueryui.com/ticket/8861

http://rhn.redhat.com/errata/RHSA-2015-0442.html

http://rhn.redhat.com/errata/RHSA-2015-1462.html

http://seclists.org/oss-sec/2014/q4/613

http://seclists.org/oss-sec/2014/q4/616

http://www.securityfocus.com/bid/71107

https://exchange.xforce.ibmcloud.com/vulnerabilities/98697

https://github.com/jquery/jquery-ui/commit/5fee6fd5000072ff32f2d65b6451f39af9e0e39e

https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde

https://github.com/jquery/jquery/issues/2432

http://bugs.jqueryui.com/ticket/8859

http://bugs.jqueryui.com/ticket/8861

http://rhn.redhat.com/errata/RHSA-2015-0442.html

http://rhn.redhat.com/errata/RHSA-2015-1462.html

http://seclists.org/oss-sec/2014/q4/613

http://seclists.org/oss-sec/2014/q4/616

http://www.securityfocus.com/bid/71107

https://exchange.xforce.ibmcloud.com/vulnerabilities/98697

https://github.com/jquery/jquery-ui/commit/5fee6fd5000072ff32f2d65b6451f39af9e0e39e

https://github.com/jquery/jquery-ui/commit/f2854408cce7e4b7fc6bf8676761904af9c96bde

https://github.com/jquery/jquery/issues/2432