Vulnerability Name:

CVE-2010-2802 (CCN-61704)

Assigned:2010-07-22
Published:2010-07-22
Updated:2011-01-04
Summary:Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.2 allows remote authenticated users to inject arbitrary web script or HTML via an HTML document with a .gif filename extension, related to inline attachments.
CVSS v3 Severity:2.6 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N)
3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
3.5 Low (CCN CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2010-2802

Source: CCN
Type: MantisBT Web site
Mantis Bug Tracker

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.mantisbt.org/blog/?p=113

Source: CONFIRM
Type: Vendor Advisory
http://www.mantisbt.org/bugs/view.php?id=11952

Source: MLIST
Type: UNKNOWN
[oss-security] 20100803 CVE request: Attachment XSS in mantis < 1.2.2

Source: MLIST
Type: UNKNOWN
[oss-security] 20100803 Re: CVE request: Attachment XSS in mantis < 1.2.2

Source: CCN
Type: OSVDB ID: 67889
MantisBT Inline Attachment GIF Filename Extension XSS

Source: CCN
Type: Red Hat Bugzilla Bug 620992
CVE-2010-2802 mantis: cross-domain scripting or other browser attacks via arbitrary inline attachment rendering

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=620992

Source: XF
Type: UNKNOWN
mantisbt-gif-xss(61704)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mantisbt:mantisbt:0.18.0:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:0.19.0:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:0.19.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:0.19.0a1:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:0.19.0a2:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:0.19.1:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:0.19.2:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:0.19.3:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:0.19.4:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:0.19.5:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.0:rc4:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.0:rc5:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.0a1:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.0a2:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.0a3:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.2.0:-:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:*:*:*:*:*:*:*:* (Version <= 1.2.1)

    • Configuration CCN 1:
  • cpe:/a:mantisbt:mantisbt:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.2.0:-:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:0.19.4:*:*:*:*:*:*:*
  • OR cpe:/a:mantisbt:mantisbt:0.19.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.precise:def:20102802000
    V
    		CVE-2010-2802 on Ubuntu 12.04 LTS (precise) - low.
    2010-09-07
    BACK
    mantisbt mantisbt 0.18.0
    mantisbt mantisbt 0.19.0
    mantisbt mantisbt 0.19.0 rc1
    mantisbt mantisbt 0.19.0a1
    mantisbt mantisbt 0.19.0a2
    mantisbt mantisbt 0.19.1
    mantisbt mantisbt 0.19.2
    mantisbt mantisbt 0.19.3
    mantisbt mantisbt 0.19.4
    mantisbt mantisbt 0.19.5
    mantisbt mantisbt 1.0.0
    mantisbt mantisbt 1.0.0 rc1
    mantisbt mantisbt 1.0.0 rc2
    mantisbt mantisbt 1.0.0 rc3
    mantisbt mantisbt 1.0.0 rc4
    mantisbt mantisbt 1.0.0 rc5
    mantisbt mantisbt 1.0.0a1
    mantisbt mantisbt 1.0.0a2
    mantisbt mantisbt 1.0.0a3
    mantisbt mantisbt 1.0.1
    mantisbt mantisbt 1.0.2
    mantisbt mantisbt 1.0.3
    mantisbt mantisbt 1.0.4
    mantisbt mantisbt 1.0.5
    mantisbt mantisbt 1.0.6
    mantisbt mantisbt 1.0.7
    mantisbt mantisbt 1.0.8
    mantisbt mantisbt 1.1.0
    mantisbt mantisbt 1.1.1
    mantisbt mantisbt 1.1.2
    mantisbt mantisbt 1.1.4
    mantisbt mantisbt 1.1.5
    mantisbt mantisbt 1.1.6
    mantisbt mantisbt 1.1.7
    mantisbt mantisbt 1.1.8
    mantisbt mantisbt 1.2.0
    mantisbt mantisbt *
    mantisbt mantisbt 1.2.1
    mantisbt mantisbt 1.2.0
    mantisbt mantisbt 1.1.8
    mantisbt mantisbt 1.1.7
    mantisbt mantisbt 1.1.6
    mantisbt mantisbt 1.1.5
    mantisbt mantisbt 1.1.4
    mantisbt mantisbt 1.1.2
    mantisbt mantisbt 1.1.1
    mantisbt mantisbt 1.1.0
    mantisbt mantisbt 1.0.8
    mantisbt mantisbt 1.0.7
    mantisbt mantisbt 1.0.6
    mantisbt mantisbt 1.0.5
    mantisbt mantisbt 1.0.4
    mantisbt mantisbt 1.0.3
    mantisbt mantisbt 1.0.2
    mantisbt mantisbt 1.0.1
    mantisbt mantisbt 1.0.0
    mantisbt mantisbt 0.19.4
    mantisbt mantisbt 0.19.3