CVE-2007-2680

Published: May 15, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected (3)

Products: Canon: Network Camera Server Vb100, Network Camera Server Vb101, Network Camera Server Vb150

3 products

Network Camera Server Vb100

Network Camera Server Vb101

Network Camera Server Vb150

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Canon Network Camera Server Vb100	Version 3.0 r69
Canon Network Camera Server Vb101	Version 3.0 r69
Canon Network Camera Server Vb150	Version 1.1 r39

References (12)

http://cweb.canon.jp/drv-upd/webview/notification.html

Source: cve@mitre.org

http://jvn.jp/jp/JVN%2306735665/

Source: cve@mitre.org

http://osvdb.org/35019

Source: cve@mitre.org

http://secunia.com/advisories/24940

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/23560

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/1461

Source: cve@mitre.org

http://cweb.canon.jp/drv-upd/webview/notification.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://jvn.jp/jp/JVN%2306735665/

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/35019

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/24940

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/23560

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/1461

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.