CVE-2009-4052
Published Nov 23, 2009
Last updated 7 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect before 7.0.0.10 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) the JSF Tree Control and (2) the JavaScript Resource Servlet.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_application_developer_for_websphere:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "473829D7-3027-4F7C-9E44-D6EBBB5D0871"
},
{
"criteria": "cpe:2.3:a:ibm:rational_application_developer_for_websphere:7.0.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E18456C-7779-4408-932C-0E63DB619CF6"
},
{
"criteria": "cpe:2.3:a:ibm:rational_application_developer_for_websphere:7.0.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "424A182E-561F-42A8-98FC-09E5E44F994E"
},
{
"criteria": "cpe:2.3:a:ibm:rational_application_developer_for_websphere:7.0.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90194CF7-58CE-43AB-A4C1-0143517A8AE8"
},
{
"criteria": "cpe:2.3:a:ibm:rational_application_developer_for_websphere:7.0.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B308DA0C-6E09-4A89-8FCD-59100F47587B"
},
{
"criteria": "cpe:2.3:a:ibm:rational_application_developer_for_websphere:7.0.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AE51730-0929-4AFA-BF18-298F0389546B"
},
{
"criteria": "cpe:2.3:a:ibm:rational_application_developer_for_websphere:7.0.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03D5C500-E712-461F-B1A6-7582A17436DB"
},
{
"criteria": "cpe:2.3:a:ibm:rational_application_developer_for_websphere:7.0.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8EE5CF1E-9563-407D-A3CD-B63B5766C5C5"
},
{
"criteria": "cpe:2.3:a:ibm:rational_application_developer_for_websphere:7.0.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CD19C41-E08F-4022-9300-DBD56204794D"
},
{
"criteria": "cpe:2.3:a:ibm:rational_application_developer_for_websphere:7.0.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE851829-20D2-4B2D-B3CF-3D068B483E87"
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect:7.0.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "73FACCC2-2CE2-43D5-B06C-85FD67D90297"
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect:7.0.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D52DF841-C80B-4C53-A014-8EFE151FD9E3"
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect:7.0.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9C5F515-19B6-4BC2-A28F-C08042A45FF9"
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect:7.0.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF857688-54B1-42B8-B9B2-6CD325B2E922"
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect:7.0.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BED1E176-0914-4201-BF55-3F0E4BCCBB40"
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect:7.0.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C25E22B-B7D1-4632-BAD7-FDD0BF070A23"
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect:7.0.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14166F79-8DEA-4A2E-8102-8C716609E36D"
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect:7.0.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9AA30626-D56F-4107-A54E-E0B9E879E3E2"
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect:7.0.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F7FCAE6-610D-43FD-9C05-FB3D085E4854"
},
{
"criteria": "cpe:2.3:a:ibm:rational_software_architect:7.0.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9A1F66A-DF89-402D-A54B-2E973D79F9F0"
}
],
"operator": "OR"
}
]
}
]