CVE-2009-0971

Published: Mar 19, 2009Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in futomi's CGI Cafe Access Analyzer CGI Standard Version 3.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Affected (19)

Products: Futomi: Access Analyzer Cgi

1 product

Access Analyzer Cgi

Configuration A

19 vulnerable

Vulnerable Software	Affected Versions
Futomi Access Analyzer Cgi	Up to 3.8.1
Futomi Access Analyzer Cgi	Version 1.1
Futomi Access Analyzer Cgi	Version 1.2
Futomi Access Analyzer Cgi	Version 1.3
Futomi Access Analyzer Cgi	Version 1.4
Futomi Access Analyzer Cgi	Version 2.0
Futomi Access Analyzer Cgi	Version 2.1
Futomi Access Analyzer Cgi	Version 2.2
Futomi Access Analyzer Cgi	Version 2.3
Futomi Access Analyzer Cgi	Version 2.4
Futomi Access Analyzer Cgi	Version 3.0
Futomi Access Analyzer Cgi	Version 3.1
Futomi Access Analyzer Cgi	Version 3.2
Futomi Access Analyzer Cgi	Version 3.3
Futomi Access Analyzer Cgi	Version 3.4
Futomi Access Analyzer Cgi	Version 3.5
Futomi Access Analyzer Cgi	Version 3.6
Futomi Access Analyzer Cgi	Version 3.7
Futomi Access Analyzer Cgi	Version 3.8

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (16)

http://jvn.jp/en/jp/JVN23558374/index.html

Source: cve@mitre.org

http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000015.html

Source: cve@mitre.org

http://osvdb.org/52802

Source: cve@mitre.org

http://secunia.com/advisories/34271

Source: cve@mitre.org

Vendor Advisory

http://www.futomi.com/library/info/2009/20090316.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/34123

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/0737

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/49264

Source: cve@mitre.org

http://jvn.jp/en/jp/JVN23558374/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000015.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/52802

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34271

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.futomi.com/library/info/2009/20090316.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/34123

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/0737

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/49264

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.