CVE-2010-4647

Published Jan 13, 2011
Last updated a month ago
CVSS info 4.3
Overview

Description: Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp.
Source: secalert@redhat.com
NVD status: Deferred
Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0C1BF21-969E-4678-93A9-77B9B498F2BA",
            "versionEndIncluding": "3.6.1"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4885748-0EB1-40B1-B4AB-98E410126D71"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2ECF677E-6117-4F0E-A092-1A2188B2ABF2"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D063DE9-3338-474B-97C9-C2E4F296E5CE"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D86750B2-3009-4191-B691-7E066260515A"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "941AD1D7-680B-465C-B5B2-B6301560B97E"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DD3CF02-B949-4799-BB91-113A3CA41A7C"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:2.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "679006A3-7CC5-4D77-979C-8D22EDB4E4A8"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:2.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66FA5EF5-86E2-4DA5-9E84-F3FC1EFCBBFF"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E39FDE00-59B9-428C-857B-10DBC6CAD937"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4038314-44C4-40AE-A558-74073F15750D"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0837DD00-2778-4C34-99F4-4878FA537C16"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4C760BD-9E48-4EE5-93BA-8C1DC996B3AF"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC2A5188-7229-4B19-9786-62E39FBF036D"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10102CF1-F461-413C-AA3A-092556B9BF01"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A5DD907-2A5A-4491-A517-2DDB34A580E4"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAD8B9BB-9568-44F4-9843-611FD6769AC6"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3F0EC0E-AA65-4F9B-8FDD-CE4B1B4ACF5E"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5907C6D0-4EA3-4F8E-9E3A-0505BA53F261"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "873A33FA-FCF0-4007-94DE-523BF5842F0A"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D96F970-8948-4014-A18A-FA7C222C0B29"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5875CD2E-E28B-48BE-92F0-3C34F713C558"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7F8DF44-0068-48A9-8E1A-7399581AC91E"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0840E876-228B-4C85-BDF7-A4A38F16FBF4"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B0F3C49-D729-4F54-AD5B-F4667275828F"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A74B911F-50F3-4C4A-BE1F-F3E331E2F3EE"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23E62335-6EDB-46CA-9502-0D013949BD0D"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2A475BF-CEC9-4B0C-A9CF-FF5CD0198659"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.6:m1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF9561F4-FEA2-4A8F-A761-72F9C1D1E046"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.6:m2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB36BF12-8F04-4898-A31C-63031C99354F"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.6:m3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07D83BF7-CF20-4898-B2D3-23B40D3F961D"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.6:m4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80028C7A-F530-479E-8FD6-F3ADBBC2598C"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.6:m5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74947CA6-5C06-4EB1-AF71-6A48AD25A84E"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.6:m6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1FF765B-13AA-4B3D-8B8C-BF41EFCD203C"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.6:m7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95696770-BE8F-4D86-AEF4-A7102F154898"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.6:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E740A0E-B314-4A01-9AB8-17B4EE45D4E9"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.6:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E784581-98AC-4341-B06F-3B861F313708"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.6:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "871833EE-1CA1-4258-97B2-748ACD760AA8"
          },
          {
            "criteria": "cpe:2.3:a:eclipse:eclipse_ide:3.6:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7DCF21CF-8984-4C3A-BD30-BD7CDA188C35"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
