Oval Definition:	oval:org.opensuse.security:def:20082025
Revision Date: 2021-08-15 Version: 1 Title: CVE-2008-2025 Description: Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters." Family: unix Class: vulnerability Status: Reference(s): CVE-2008-2025 Mitre CVE-2008-2025 SUSE CVE-2008-2025 SUSE-SR:2009:008 SUSE-SR:2009:008 Platform(s): openSUSE 10.3 openSUSE 11.0 openSUSE 11.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise SDK 11 GA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 Product(s): Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information struts-1.2.9-162.37 is installed OR struts-javadoc-1.2.9-162.37 is installed OR struts-manual-1.2.9-162.37 is installed Definition Synopsis Release Information sle11-sdk is installed AND struts-javadoc less than 1.2.9-162.31.1 OR struts-manual less than 1.2.9-162.31.1 OR struts less than 1.2.9-162.31.1 OR Package Information suse110 is installed struts-javadoc less than 1.2.9-198.2 OR struts-manual less than 1.2.9-198.2 OR struts-webapps-tomcat6 less than 1.2.9-198.2 OR struts less than 1.2.9-198.2 OR suse111 is installed struts-javadoc less than 1.2.9-162.163.2 OR struts-manual less than 1.2.9-162.163.2 OR struts-webapps-tomcat6 less than 1.2.9-162.163.2 OR struts less than 1.2.9-162.163.2 Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information struts-1.2.9-162.37.1 is installed OR struts-javadoc-1.2.9-162.37.1 is installed OR struts-manual-1.2.9-162.37.1 is installed
BACK