CVE-2011-0770

Published: Jul 19, 2011Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Windows Event Log SmartConnector in HP ArcSight Connector Appliance before 6.1 allows remote attackers to inject arbitrary web script or HTML via the Windows XP variable in a file.

Affected (7)

Products: Hp: Arcsight C1000 Appliance, Arcsight C1300 Appliance, Arcsight C3200 Appliance, Arcsight C3400 Appliance, Arcsight C5200 Appliance, Arcsight C5400 Appliance, Windows Event Log Smartconnector

7 products

Arcsight C1000 Appliance

Arcsight C1300 Appliance

Arcsight C3200 Appliance

Arcsight C3400 Appliance

Arcsight C5200 Appliance

Arcsight C5400 Appliance

Windows Event Log Smartconnector

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Hp Arcsight C1000 Appliance	All versions
Hp Arcsight C1300 Appliance	All versions
Hp Arcsight C3200 Appliance	All versions
Hp Arcsight C3400 Appliance	All versions
Hp Arcsight C5200 Appliance	All versions
Hp Arcsight C5400 Appliance	All versions
Hp Windows Event Log Smartconnector	Up to 6.0.0.60023.2