Vulnerability Note VU#709939
Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities
Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities which could allow an attacker to execute arbitrary code with the privileges of the application.
Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities:
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CVE-2012-2604
A remote unauthenticated attacker may obtain sensitive information, cause a denial of service condition or execute arbitrary code with the privileges of the application.
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Bradford Networks||Affected||20 Apr 2012||05 Jun 2012|
CVSS Metrics (Learn More)
Thanks to Travis Lee for reporting this vulnerability.
This document was written by Michael Orlando.
- CVE IDs: CVE-2012-2604 CVE-2012-2605 CVE-2012-2606
- Date Public: 13 Jun 2012
- Date First Published: 13 Jun 2012
- Date Last Updated: 13 Jun 2012
- Document Revision: 12
If you have feedback, comments, or additional information about this vulnerability, please send us email.