cvelistv5 - cve-2011-0286

CVE-2011-0286 (GCVE-0-2011-0286)

Vulnerability from cvelistv5 – Published: 2011-04-18 18:00 – Updated: 2024-09-17 02:20

Summary

Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.blackberry.com/btsc/KB26296	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0971	vdb-entryx_refsource_VUPEN
	http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0…	x_refsource_MISC
	http://secunia.com/advisories/44183	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1025356	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/47324	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:51:07.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.blackberry.com/btsc/KB26296"
          },
          {
            "name": "ADV-2011-0971",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0971"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
          },
          {
            "name": "44183",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44183"
          },
          {
            "name": "1025356",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025356"
          },
          {
            "name": "47324",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47324"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-04-18T18:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.blackberry.com/btsc/KB26296"
        },
        {
          "name": "ADV-2011-0971",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0971"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
        },
        {
          "name": "44183",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44183"
        },
        {
          "name": "1025356",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025356"
        },
        {
          "name": "47324",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47324"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-0286",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.blackberry.com/btsc/KB26296",
              "refsource": "CONFIRM",
              "url": "http://www.blackberry.com/btsc/KB26296"
            },
            {
              "name": "ADV-2011-0971",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0971"
            },
            {
              "name": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf",
              "refsource": "MISC",
              "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
            },
            {
              "name": "44183",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44183"
            },
            {
              "name": "1025356",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1025356"
            },
            {
              "name": "47324",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47324"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-0286",
    "datePublished": "2011-04-18T18:00:00Z",
    "dateReserved": "2011-01-06T00:00:00Z",
    "dateUpdated": "2024-09-17T02:20:53.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rim:blackberry_enterprise_server:5.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EBA5181-F946-4F86-B5DB-07795ACF32D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rim:blackberry_enterprise_server:5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85752BAD-8110-41B4-BAEF-4C97BFDA046A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rim:blackberry_enterprise_server:5.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"377D4536-5EAC-4F0A-94AD-4D326935A142\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rim:blackberry_enterprise_server:5.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11FF9320-7C94-4700-81A8-E7D7694EB97D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"079D4AE1-AA56-4169-8073-E665452A0BF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D861AF4-F293-40D9-BFA9-1EECBDFA8253\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de ejecuci\\u00f3n de secuencias de comandos en sitios cruzados (XSS)  en webdesktop/app en el componente BlackBerry Web Desktop Manager en el software Research In Motion (RIM) BlackBerry Enterprise Server (BES) anterior a v5.0.2 MR5 y v5.0.3 anterior a MR1,y el software BlackBerry Enterprise Server Express v5.0.1 y v5.0.2, permite a atacantes remotos inyectar script o HTML de su elecci\\u00f3n a trav\\u00e9s del par\\u00e1metro displayErrorMessage en una acci\\u00f3n ManageDevices.\"}]",
      "id": "CVE-2011-0286",
      "lastModified": "2024-11-21T01:23:42.813",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2011-04-18T18:55:00.877",
      "references": "[{\"url\": \"http://secunia.com/advisories/44183\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1025356\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.blackberry.com/btsc/KB26296\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/bid/47324\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0971\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/44183\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1025356\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.blackberry.com/btsc/KB26296\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/bid/47324\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0971\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-0286\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-04-18T18:55:00.877\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS)  en webdesktop/app en el componente BlackBerry Web Desktop Manager en el software Research In Motion (RIM) BlackBerry Enterprise Server (BES) anterior a v5.0.2 MR5 y v5.0.3 anterior a MR1,y el software BlackBerry Enterprise Server Express v5.0.1 y v5.0.2, permite a atacantes remotos inyectar script o HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro displayErrorMessage en una acci\u00f3n ManageDevices.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rim:blackberry_enterprise_server:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EBA5181-F946-4F86-B5DB-07795ACF32D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rim:blackberry_enterprise_server:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85752BAD-8110-41B4-BAEF-4C97BFDA046A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rim:blackberry_enterprise_server:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"377D4536-5EAC-4F0A-94AD-4D326935A142\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rim:blackberry_enterprise_server:5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11FF9320-7C94-4700-81A8-E7D7694EB97D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"079D4AE1-AA56-4169-8073-E665452A0BF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D861AF4-F293-40D9-BFA9-1EECBDFA8253\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/44183\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1025356\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.blackberry.com/btsc/KB26296\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/47324\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0971\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/44183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1025356\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.blackberry.com/btsc/KB26296\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/47324\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0971\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GHSA-M85Q-5QPG-G6VH

Vulnerability from github – Published: 2022-05-17 05:42 – Updated: 2022-05-17 05:42

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-0286"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-04-18T18:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action.",
  "id": "GHSA-m85q-5qpg-g6vh",
  "modified": "2022-05-17T05:42:04Z",
  "published": "2022-05-17T05:42:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0286"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/44183"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1025356"
    },
    {
      "type": "WEB",
      "url": "http://www.blackberry.com/btsc/KB26296"
    },
    {
      "type": "WEB",
      "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/47324"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0971"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2011-0286

Vulnerability from fkie_nvd - Published: 2011-04-18 18:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/44183	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1025356
cve@mitre.org	http://www.blackberry.com/btsc/KB26296	Vendor Advisory
cve@mitre.org	http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf	Exploit
cve@mitre.org	http://www.securityfocus.com/bid/47324
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0971	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44183	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1025356
af854a3a-2127-422b-91ae-364da2661108	http://www.blackberry.com/btsc/KB26296	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/47324
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0971	Vendor Advisory

Impacted products

Vendor	Product	Version
rim	blackberry_enterprise_server	5.0.0
rim	blackberry_enterprise_server	5.0.1
rim	blackberry_enterprise_server	5.0.2
rim	blackberry_enterprise_server	5.0.3
rim	blackberry_enterprise_server_express	5.0.1
rim	blackberry_enterprise_server_express	5.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EBA5181-F946-4F86-B5DB-07795ACF32D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "85752BAD-8110-41B4-BAEF-4C97BFDA046A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "377D4536-5EAC-4F0A-94AD-4D326935A142",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "11FF9320-7C94-4700-81A8-E7D7694EB97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "079D4AE1-AA56-4169-8073-E665452A0BF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D861AF4-F293-40D9-BFA9-1EECBDFA8253",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS)  en webdesktop/app en el componente BlackBerry Web Desktop Manager en el software Research In Motion (RIM) BlackBerry Enterprise Server (BES) anterior a v5.0.2 MR5 y v5.0.3 anterior a MR1,y el software BlackBerry Enterprise Server Express v5.0.1 y v5.0.2, permite a atacantes remotos inyectar script o HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro displayErrorMessage en una acci\u00f3n ManageDevices."
    }
  ],
  "id": "CVE-2011-0286",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-04-18T18:55:00.877",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44183"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1025356"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.blackberry.com/btsc/KB26296"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/47324"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1025356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.blackberry.com/btsc/KB26296"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47324"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0971"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2011-0286

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-0286

Aliases

CVE-2011-0286

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-0286",
    "description": "Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action.",
    "id": "GSD-2011-0286"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-0286"
      ],
      "details": "Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action.",
      "id": "GSD-2011-0286",
      "modified": "2023-12-13T01:19:04.886931Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2011-0286",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.blackberry.com/btsc/KB26296",
            "refsource": "CONFIRM",
            "url": "http://www.blackberry.com/btsc/KB26296"
          },
          {
            "name": "ADV-2011-0971",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0971"
          },
          {
            "name": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf",
            "refsource": "MISC",
            "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
          },
          {
            "name": "44183",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/44183"
          },
          {
            "name": "1025356",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1025356"
          },
          {
            "name": "47324",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/47324"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rim:blackberry_enterprise_server:5.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rim:blackberry_enterprise_server_express:5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-0286"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in webdesktop/app in the BlackBerry Web Desktop Manager component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software before 5.0.2 MR5 and 5.0.3 before MR1, and BlackBerry Enterprise Server Express software 5.0.1 and 5.0.2, allows remote attackers to inject arbitrary web script or HTML via the displayErrorMessage parameter in a ManageDevices action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.blackberry.com/btsc/KB26296",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.blackberry.com/btsc/KB26296"
            },
            {
              "name": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.cybsec.com/vuln/CYBSEC_Advisory_2011_0401_Cross_Site_Scripting_XSS_in_Blackberry_WebDesktop.pdf"
            },
            {
              "name": "1025356",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1025356"
            },
            {
              "name": "47324",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/47324"
            },
            {
              "name": "44183",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/44183"
            },
            {
              "name": "ADV-2011-0971",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0971"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2011-04-18T18:55Z",
      "publishedDate": "2011-04-18T18:55Z"
    }
  }
}

CERTA-2011-AVI-223

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans les serveurs BlackBerry Enterprise permet une injection de code indirecte à distance.

Description

Une vulnérabilité a été détectée dans les serveurs BlackBerry Enterprise. Un attaquant peut réaliser une injection de code indirecte en incitant un utilisateur à suivre un lien hypertexte spécialement conçu (via une page web, un courriel ou un SMS). Le code s'exécute alors sur l'ordiphone avec les privilèges de l'utilisateur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	BlackBerry Enterprise Server versions 5.0.0 à 5.0.3 pour Microsoft Exchange et IBM Lotus Domino ;
Microsoft	N/A	BlackBerry Enterprise Server Express versions 5.0.1 et 5.0.2 pour Microsoft Exchange ;
N/A	N/A	BlackBerry Enterprise Server Express version 5.0.2 pour IBM Lotus Domino ;
Novell	N/A	BlackBerry Enterprise Server versions 5.0.1 pour Novell GroupWise.

References

Title

Publication Time

Tags

Bulletin de sécurité BlackBerry KB26296 du 12 avril 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "BlackBerry Enterprise Server versions 5.0.0 \u00e0 5.0.3 pour Microsoft Exchange et IBM Lotus Domino ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "BlackBerry Enterprise Server Express versions 5.0.1 et 5.0.2 pour Microsoft Exchange ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "BlackBerry Enterprise Server Express version 5.0.2 pour IBM Lotus Domino ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "BlackBerry Enterprise Server versions 5.0.1 pour Novell GroupWise.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Novell",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9tect\u00e9e dans les serveurs BlackBerry\nEnterprise. Un attaquant peut r\u00e9aliser une injection de code indirecte\nen incitant un utilisateur \u00e0 suivre un lien hypertexte sp\u00e9cialement\ncon\u00e7u (via une page web, un courriel ou un SMS). Le code s\u0027ex\u00e9cute alors\nsur l\u0027ordiphone avec les privil\u00e8ges de l\u0027utilisateur.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0286"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-223",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-04-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans les serveurs BlackBerry Enterprise permet une\ninjection de code indirecte \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans BlackBerry Enterprise Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 BlackBerry KB26296 du 12 avril 2011",
      "url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB26296"
    }
  ]
}

CERTA-2011-AVI-223

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans les serveurs BlackBerry Enterprise permet une injection de code indirecte à distance.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	BlackBerry Enterprise Server versions 5.0.0 à 5.0.3 pour Microsoft Exchange et IBM Lotus Domino ;
Microsoft	N/A	BlackBerry Enterprise Server Express versions 5.0.1 et 5.0.2 pour Microsoft Exchange ;
N/A	N/A	BlackBerry Enterprise Server Express version 5.0.2 pour IBM Lotus Domino ;
Novell	N/A	BlackBerry Enterprise Server versions 5.0.1 pour Novell GroupWise.

References

Title

Publication Time

Tags

Bulletin de sécurité BlackBerry KB26296 du 12 avril 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "BlackBerry Enterprise Server versions 5.0.0 \u00e0 5.0.3 pour Microsoft Exchange et IBM Lotus Domino ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "BlackBerry Enterprise Server Express versions 5.0.1 et 5.0.2 pour Microsoft Exchange ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "BlackBerry Enterprise Server Express version 5.0.2 pour IBM Lotus Domino ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "BlackBerry Enterprise Server versions 5.0.1 pour Novell GroupWise.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Novell",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9tect\u00e9e dans les serveurs BlackBerry\nEnterprise. Un attaquant peut r\u00e9aliser une injection de code indirecte\nen incitant un utilisateur \u00e0 suivre un lien hypertexte sp\u00e9cialement\ncon\u00e7u (via une page web, un courriel ou un SMS). Le code s\u0027ex\u00e9cute alors\nsur l\u0027ordiphone avec les privil\u00e8ges de l\u0027utilisateur.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0286"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-223",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-04-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans les serveurs BlackBerry Enterprise permet une\ninjection de code indirecte \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans BlackBerry Enterprise Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 BlackBerry KB26296 du 12 avril 2011",
      "url": "http://www.blackberry.com/btsc/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=KB26296"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-0286 (GCVE-0-2011-0286)

GHSA-M85Q-5QPG-G6VH

FKIE_CVE-2011-0286

GSD-2011-0286

CERTA-2011-AVI-223

Description

Solution

CERTA-2011-AVI-223

Description

Solution

Tags

Sightings

Nomenclature