1
Candidate: CVE-2009-4837
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4837
6
Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and
7
Security Engine (BASE) before 1.4.3.1 allow remote attackers to inject
8
arbitrary web script or HTML via the (1) sig[1] parameter to
9
base/base_qry_main.php, or the time[0][1] parameter to (2)
10
base/base_stat_alerts.php or (3) base/base_stat_uaddr.php. NOTE: some of
11
these details are obtained from third party information.
20
upstream_acidbase: released (1.4.3.1)
21
dapper_acidbase: ignored (reached end-of-life)
22
hardy_acidbase: ignored (reached end-of-life)
23
jaunty_acidbase: ignored (reached end-of-life)
24
karmic_acidbase: ignored (reached end-of-life)
25
lucid_acidbase: not-affected (1.4.4-3ubuntu1)
26
maverick_acidbase: not-affected (1.4.4-3ubuntu1)
27
natty_acidbase: not-affected (1.4.4-3ubuntu1)
28
oneiric_acidbase: not-affected (1.4.4-3ubuntu1)
29
devel_acidbase: not-affected (1.4.4-3ubuntu1)