Novell Home

CVE-2011-4193

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2011-4193 at MITRE

Description

Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning.

NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Novell/SUSE information

No Novell Bugzilla entries cross referenced.

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Studio Extension for System z 1.2
  • kiwi4 >= 4.85.1-0.22.9
  • kiwi4-desc-oemboot >= 4.85.1-0.22.9
  • kiwi4-desc-vmxboot >= 4.85.1-0.22.9
  • kiwi4-tools >= 4.85.1-0.22.9
  • susestudio >= 1.2.1-0.26.1
  • susestudio-common >= 1.2.1-0.26.1
  • susestudio-image-helpers >= 1.2.1-0.3.3
  • susestudio-runner >= 1.2.1-0.26.1
  • susestudio-ui-server >= 1.2.1-0.26.1
studioonsite1.2.x86-64
studioonsite1.2.s390x
SAT Patch Nr: 5535
SUSE Studio Onsite 1.2 [Appliance - Studio]
  • kiwi4 >= 4.85.1-0.22.9
  • kiwi4-desc-isoboot >= 4.85.1-0.22.9
  • kiwi4-desc-netboot >= 4.85.1-0.22.9
  • kiwi4-desc-oemboot >= 4.85.1-0.22.9
  • kiwi4-desc-vmxboot >= 4.85.1-0.22.9
  • kiwi4-doc >= 4.85.1-0.22.9
  • kiwi4-tools >= 4.85.1-0.22.9
  • susestudio >= 1.2.1-0.26.1
  • susestudio-clicfs >= 1.2.1-0.26.1
  • susestudio-common >= 1.2.1-0.26.1
  • susestudio-image-helpers >= 1.2.1-0.3.3
  • susestudio-parted >= 1.2.1-0.26.1
  • susestudio-rmds >= 1.2.1-0.26.1
  • susestudio-runner >= 1.2.1-0.26.1
  • susestudio-squashfs >= 1.2.1-0.26.1
  • susestudio-thoth >= 1.2.1-0.26.1
  • susestudio-ui-server >= 1.2.1-0.26.1
studioonsite1.2.x86-64
studioonsite1.2.s390x
SAT Patch Nr: 5535

© 2014 Novell