CVE-2008-4876
N/A
N/A
Summary
Cross-site scripting (XSS) vulnerability in the web server component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote attackers to inject arbitrary web script or HTML via the request URL, which is not properly handled in a 404 web error page.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.exploit-db.com/exploits/5113
- http://secunia.com/advisories/28978
- http://www.securityfocus.com/bid/27790
- http://www.vupen.com/english/advisories/2008/0583
- http://www.securityfocus.com/archive/1/488127/100/200/threaded
- http://securityreason.com/securityalert/4536
References
- https://www.exploit-db.com/exploits/5113
- http://secunia.com/advisories/28978
- http://www.securityfocus.com/bid/27790
- http://www.vupen.com/english/advisories/2008/0583
- http://www.securityfocus.com/archive/1/488127/100/200/threaded
- http://securityreason.com/securityalert/4536
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.