cvelistv5 - cve-2007-2680

cve-2007-2680

Vulnerability from cvelistv5

Published

2007-05-15 00:00

Modified

2024-08-07 13:49

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://cweb.canon.jp/drv-upd/webview/notification.html
cve@mitre.org	http://jvn.jp/jp/JVN%2306735665/
cve@mitre.org	http://osvdb.org/35019
cve@mitre.org	http://secunia.com/advisories/24940	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/23560
cve@mitre.org	http://www.vupen.com/english/advisories/2007/1461
af854a3a-2127-422b-91ae-364da2661108	http://cweb.canon.jp/drv-upd/webview/notification.html
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/jp/JVN%2306735665/
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/35019
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24940	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/23560
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1461

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:49:57.245Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-1461",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1461"
          },
          {
            "name": "JVN#06735665",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/jp/JVN%2306735665/"
          },
          {
            "name": "24940",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24940"
          },
          {
            "name": "23560",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23560"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
          },
          {
            "name": "35019",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35019"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-11T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-1461",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1461"
        },
        {
          "name": "JVN#06735665",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/jp/JVN%2306735665/"
        },
        {
          "name": "24940",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24940"
        },
        {
          "name": "23560",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23560"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
        },
        {
          "name": "35019",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35019"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2680",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-1461",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1461"
            },
            {
              "name": "JVN#06735665",
              "refsource": "JVN",
              "url": "http://jvn.jp/jp/JVN%2306735665/"
            },
            {
              "name": "24940",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24940"
            },
            {
              "name": "23560",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23560"
            },
            {
              "name": "http://cweb.canon.jp/drv-upd/webview/notification.html",
              "refsource": "CONFIRM",
              "url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
            },
            {
              "name": "35019",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35019"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2680",
    "datePublished": "2007-05-15T00:00:00",
    "dateReserved": "2007-05-14T00:00:00",
    "dateUpdated": "2024-08-07T13:49:57.245Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:network_camera_server_vb100:3.0:r69:*:*:*:*:*:*\", \"matchCriteriaId\": \"092AE829-3DDD-4407-8CB5-79FB9496AC5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:network_camera_server_vb101:3.0:r69:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FCF41D8-BFD5-4A51-A9C7-7E37A0E64525\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:canon:network_camera_server_vb150:1.1:r39:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AAD4C97-6F2E-4720-A054-988A956DAA3A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en el interfaz de gesti\\u00f3n en Canon Network Camera Server VB100 y VB101 con software empotrado (firmware)3.0 R69 y anteriores, y VB150 con software empotrado (firmware)1.1 R39 y anteriores, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\\u00e9s de vectores no especificados.\"}]",
      "id": "CVE-2007-2680",
      "lastModified": "2024-11-21T00:31:23.660",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2007-05-15T00:19:00.000",
      "references": "[{\"url\": \"http://cweb.canon.jp/drv-upd/webview/notification.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://jvn.jp/jp/JVN%2306735665/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/35019\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/24940\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/23560\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/1461\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://cweb.canon.jp/drv-upd/webview/notification.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://jvn.jp/jp/JVN%2306735665/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/35019\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/24940\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/23560\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/1461\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-2680\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-05-15T00:19:00.000\",\"lastModified\":\"2024-11-21T00:31:23.660\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en el interfaz de gesti\u00f3n en Canon Network Camera Server VB100 y VB101 con software empotrado (firmware)3.0 R69 y anteriores, y VB150 con software empotrado (firmware)1.1 R39 y anteriores, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:network_camera_server_vb100:3.0:r69:*:*:*:*:*:*\",\"matchCriteriaId\":\"092AE829-3DDD-4407-8CB5-79FB9496AC5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:network_camera_server_vb101:3.0:r69:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FCF41D8-BFD5-4A51-A9C7-7E37A0E64525\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:canon:network_camera_server_vb150:1.1:r39:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AAD4C97-6F2E-4720-A054-988A956DAA3A\"}]}]}],\"references\":[{\"url\":\"http://cweb.canon.jp/drv-upd/webview/notification.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://jvn.jp/jp/JVN%2306735665/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/35019\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/24940\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/23560\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/1461\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://cweb.canon.jp/drv-upd/webview/notification.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://jvn.jp/jp/JVN%2306735665/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/35019\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/24940\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/23560\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/1461\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-p3pj-frvc-gch9

Vulnerability from github

Published

2022-05-01 18:06

Modified

2022-05-01 18:06

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-2680"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-05-15T00:19:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
  "id": "GHSA-p3pj-frvc-gch9",
  "modified": "2022-05-01T18:06:06Z",
  "published": "2022-05-01T18:06:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2680"
    },
    {
      "type": "WEB",
      "url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/jp/JVN%2306735665"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/35019"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24940"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/23560"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/1461"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2007-2680

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2007-2680

Aliases

CVE-2007-2680

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-2680",
    "description": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
    "id": "GSD-2007-2680"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-2680"
      ],
      "details": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
      "id": "GSD-2007-2680",
      "modified": "2023-12-13T01:21:37.416241Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-2680",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2007-1461",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/1461"
          },
          {
            "name": "JVN#06735665",
            "refsource": "JVN",
            "url": "http://jvn.jp/jp/JVN%2306735665/"
          },
          {
            "name": "24940",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/24940"
          },
          {
            "name": "23560",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/23560"
          },
          {
            "name": "http://cweb.canon.jp/drv-upd/webview/notification.html",
            "refsource": "CONFIRM",
            "url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
          },
          {
            "name": "35019",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/35019"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb100:3.0:r69:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb101:3.0:r69:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb150:1.1:r39:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2680"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVN#06735665",
              "refsource": "JVN",
              "tags": [],
              "url": "http://jvn.jp/jp/JVN%2306735665/"
            },
            {
              "name": "http://cweb.canon.jp/drv-upd/webview/notification.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
            },
            {
              "name": "23560",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/23560"
            },
            {
              "name": "24940",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/24940"
            },
            {
              "name": "35019",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/35019"
            },
            {
              "name": "ADV-2007-1461",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/1461"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2011-03-08T02:54Z",
      "publishedDate": "2007-05-15T00:19Z"
    }
  }
}

cve-2007-2680

Vulnerability from jvndb

Published

2008-05-21 00:00

Modified

2008-05-21 00:00

Severity ?

() - -

Summary

Canon Network Camera Server VB100 Series vulnerable to cross-site scripting

Details

Canon Network Camera Server VB100 Series contains a cross-site scripting vulnerability.

References

▼	Type	URL
	JVN	http://jvn.jp/en/jp/JVN06735665/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2680
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2680
	SECUNIA	http://secunia.com/advisories/24940/
	FRSIRT	http://www.frsirt.com/english/advisories/2007/1461

Impacted products

▼	Vendor	Product
	Canon	Canon Network Camera Server

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000301.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Canon Network Camera Server VB100 Series contains a cross-site scripting vulnerability.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000301.html",
  "sec:cpe": {
    "#text": "cpe:/a:canon:network_camera_server",
    "@product": "Canon Network Camera Server",
    "@vendor": "Canon",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "2.6",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000301",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN06735665/index.html",
      "@id": "JVN#06735665",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2680",
      "@id": "CVE-2007-2680",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2680",
      "@id": "CVE-2007-2680",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/24940/",
      "@id": "SA24940",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/1461",
      "@id": "FrSIRT/ADV-2007-1461",
      "@source": "FRSIRT"
    }
  ],
  "title": "Canon Network Camera Server VB100 Series vulnerable to cross-site scripting"
}

fkie_cve-2007-2680

Vulnerability from fkie_nvd

Published

2007-05-15 00:19

Modified

2024-11-21 00:31

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://cweb.canon.jp/drv-upd/webview/notification.html
cve@mitre.org	http://jvn.jp/jp/JVN%2306735665/
cve@mitre.org	http://osvdb.org/35019
cve@mitre.org	http://secunia.com/advisories/24940	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/23560
cve@mitre.org	http://www.vupen.com/english/advisories/2007/1461
af854a3a-2127-422b-91ae-364da2661108	http://cweb.canon.jp/drv-upd/webview/notification.html
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/jp/JVN%2306735665/
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/35019
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24940	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/23560
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1461

Impacted products

Vendor	Product	Version
canon	network_camera_server_vb100	3.0
canon	network_camera_server_vb101	3.0
canon	network_camera_server_vb150	1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:canon:network_camera_server_vb100:3.0:r69:*:*:*:*:*:*",
              "matchCriteriaId": "092AE829-3DDD-4407-8CB5-79FB9496AC5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:canon:network_camera_server_vb101:3.0:r69:*:*:*:*:*:*",
              "matchCriteriaId": "0FCF41D8-BFD5-4A51-A9C7-7E37A0E64525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:canon:network_camera_server_vb150:1.1:r39:*:*:*:*:*:*",
              "matchCriteriaId": "2AAD4C97-6F2E-4720-A054-988A956DAA3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en el interfaz de gesti\u00f3n en Canon Network Camera Server VB100 y VB101 con software empotrado (firmware)3.0 R69 y anteriores, y VB150 con software empotrado (firmware)1.1 R39 y anteriores, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2007-2680",
  "lastModified": "2024-11-21T00:31:23.660",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-05-15T00:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://jvn.jp/jp/JVN%2306735665/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/35019"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24940"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/23560"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1461"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/jp/JVN%2306735665/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/35019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23560"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1461"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-200705-0404

Vulnerability from variot

Secunia customers receive relevant and filtered advisories. Delivery is done via different channels including SMS, Email, Web, and https based XML feed.

Input passed to certain parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

SOLUTION: Update to the latest firmware versions.

VB100 V3.0 R71: http://cweb.canon.jp/drv-upd/webview/vb100farm.html

VB101 V3.0 R71: http://cweb.canon.jp/drv-upd/webview/vb101farm.html

VB150 V1.1 R41: http://cweb.canon.jp/drv-upd/webview/vb150farm.html

PROVIDED AND/OR DISCOVERED BY: Reported in a JVN repository.

ORIGINAL ADVISORY: Canon: http://cweb.canon.jp/drv-upd/webview/notification.html

OTHER REFERENCES: JVN#06735665: http://jvn.jp/jp/JVN%2306735665/

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200705-0404",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "network camera server vb100",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": "3.0"
      },
      {
        "model": "network camera server vb101",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": "3.0"
      },
      {
        "model": "network camera server vb150",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "canon",
        "version": "1.1"
      },
      {
        "model": "network camera server",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "canon",
        "version": "vb100 and vb101 firmware ver. 3.0 rev.69"
      },
      {
        "model": "network camera server",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "canon",
        "version": "vb150 firmware ver. 1.1 rev.39"
      },
      {
        "model": "network camera server vb150 firm r39",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "v1.1"
      },
      {
        "model": "network camera server vb101 firm r69",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "v3.0"
      },
      {
        "model": "network camera server vb100 firm r69",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "canon",
        "version": "v3.0"
      },
      {
        "model": "network camera server vb150 firm r41",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "canon",
        "version": "v1.1"
      },
      {
        "model": "network camera server vb101 firm r71",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "canon",
        "version": "v3.0"
      },
      {
        "model": "network camera server vb100 firm r71",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "canon",
        "version": "v3.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "23560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000301"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-2680"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-282"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb100:3.0:r69:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb101:3.0:r69:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:canon:network_camera_server_vb150:1.1:r39:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-2680"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "JVN is credited with the discovery of this vulnerability.",
    "sources": [
      {
        "db": "BID",
        "id": "23560"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-282"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2007-2680",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 2.6,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2007-000301",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-26042",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2007-2680",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2007-000301",
            "trust": 0.8,
            "value": "Low"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200705-282",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-26042",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-26042"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000301"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-2680"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-282"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. \nExploiting this issue may help the attacker steal cookie-based authentication credentials and launch other attacks. \n\n----------------------------------------------------------------------\n\nSecunia customers receive relevant and filtered advisories. \nDelivery is done via different channels including SMS, Email, Web,\nand https based XML feed. \n\nInput passed to certain parameters is not properly sanitised before\nbeing returned to the user. This can be exploited to execute\narbitrary HTML and script code in a user\u0027s browser session in context\nof an affected site. \n\nSOLUTION:\nUpdate to the latest firmware versions. \n\nVB100 V3.0 R71:\nhttp://cweb.canon.jp/drv-upd/webview/vb100farm.html\n\nVB101 V3.0 R71:\nhttp://cweb.canon.jp/drv-upd/webview/vb101farm.html\n\nVB150 V1.1 R41:\nhttp://cweb.canon.jp/drv-upd/webview/vb150farm.html\n\nPROVIDED AND/OR DISCOVERED BY:\nReported in a JVN repository. \n\nORIGINAL ADVISORY:\nCanon:\nhttp://cweb.canon.jp/drv-upd/webview/notification.html\n\nOTHER REFERENCES:\nJVN#06735665:\nhttp://jvn.jp/jp/JVN%2306735665/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-2680"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000301"
      },
      {
        "db": "BID",
        "id": "23560"
      },
      {
        "db": "VULHUB",
        "id": "VHN-26042"
      },
      {
        "db": "PACKETSTORM",
        "id": "56086"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SECUNIA",
        "id": "24940",
        "trust": 2.6
      },
      {
        "db": "NVD",
        "id": "CVE-2007-2680",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "23560",
        "trust": 2.0
      },
      {
        "db": "OSVDB",
        "id": "35019",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-1461",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVN06735665",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000301",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-282",
        "trust": 0.7
      },
      {
        "db": "JVN",
        "id": "JVN#06735665",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-26042",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "56086",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-26042"
      },
      {
        "db": "BID",
        "id": "23560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000301"
      },
      {
        "db": "PACKETSTORM",
        "id": "56086"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-2680"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-282"
      }
    ]
  },
  "id": "VAR-200705-0404",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-26042"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:59:02.815000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "2007/4/19",
        "trust": 0.8,
        "url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000301"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-2680"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://cweb.canon.jp/drv-upd/webview/notification.html"
      },
      {
        "trust": 2.1,
        "url": "http://jvn.jp/jp/jvn%2306735665/"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/23560"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/35019"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/24940"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2007/1461"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2007/1461"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/24940/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2680"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/en/jp/jvn06735665/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2680"
      },
      {
        "trust": 0.4,
        "url": "http://cweb.canon.jp/drv-upd/webview/vb100farm.html"
      },
      {
        "trust": 0.4,
        "url": "http://cweb.canon.jp/drv-upd/webview/vb101farm.html"
      },
      {
        "trust": 0.4,
        "url": "http://cweb.canon.jp/drv-upd/webview/vb150farm.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.canon.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://corporate.secunia.com/trial/38/request/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14000/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14002/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/14001/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-26042"
      },
      {
        "db": "BID",
        "id": "23560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000301"
      },
      {
        "db": "PACKETSTORM",
        "id": "56086"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-2680"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-282"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-26042"
      },
      {
        "db": "BID",
        "id": "23560"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000301"
      },
      {
        "db": "PACKETSTORM",
        "id": "56086"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-2680"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-282"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-05-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-26042"
      },
      {
        "date": "2007-04-18T00:00:00",
        "db": "BID",
        "id": "23560"
      },
      {
        "date": "2008-05-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-000301"
      },
      {
        "date": "2007-04-20T06:48:40",
        "db": "PACKETSTORM",
        "id": "56086"
      },
      {
        "date": "2007-05-15T00:19:00",
        "db": "NVD",
        "id": "CVE-2007-2680"
      },
      {
        "date": "2007-05-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200705-282"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-26042"
      },
      {
        "date": "2007-04-19T20:51:00",
        "db": "BID",
        "id": "23560"
      },
      {
        "date": "2008-05-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-000301"
      },
      {
        "date": "2011-03-08T02:54:44.687000",
        "db": "NVD",
        "id": "CVE-2007-2680"
      },
      {
        "date": "2007-06-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200705-282"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-282"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Canon Network Camera Server VB100 Series vulnerable to cross-site scripting",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-000301"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "xss",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "56086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200705-282"
      }
    ],
    "trust": 0.7
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2007-2680

Vulnerability from cvelistv5

ghsa-p3pj-frvc-gch9

Vulnerability from github

gsd-2007-2680

Vulnerability from gsd

cve-2007-2680

Vulnerability from jvndb

fkie_cve-2007-2680

Vulnerability from fkie_nvd

var-200705-0404

Vulnerability from variot

Tags

Sightings

Nomenclature