CVE-2010-4647

Impact:
Low
Public Date:
2010-11-16
CWE:
CWE-79
Bugzilla:
661901: CVE-2010-4647 eclipse: Help Content web application vulnerable to multiple XSS

The MITRE CVE dictionary describes this issue as:

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp.

Find out more about CVE-2010-4647 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

Base Score 2.6
Base Metrics AV:N/AC:H/Au:N/C:N/I:P/A:N
Access Vector Network
Access Complexity High
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (eclipse) RHSA-2011:0568 2011-05-19

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 5 eclipse Will not fix
Red Hat Certificate System 7.3 for 4AS eclipse Will not fix
Red Hat Certificate System 7.2 for 4AS eclipse Will not fix

Last Modified