Return to CVE list

CVE-2008-4876

4.3
Medium

CVE-2008-4876

cve@mitre.org
Modified
View on MITREFind on GitHub

Description

Cross-site scripting (XSS) vulnerability in the web server component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote attackers to inject arbitrary web script or HTML via the request URL, which is not properly handled in a 404 web error page.

Exploits

51132008-02-14remoteHardware

Philips VOIP841 Firmware 1.0.4.800 - Multiple Vulnerabilities

By ikki

References

cve@mitre.org
http://secunia.com/advisories/28978
cve@mitre.org
http://securityreason.com/securityalert/4536
cve@mitre.org
http://www.securityfocus.com/archive/1/488127/100/200/threaded
cve@mitre.org
http://www.securityfocus.com/bid/27790
cve@mitre.org
http://www.vupen.com/english/advisories/2008/0583
cve@mitre.org
https://www.exploit-db.com/exploits/5113
af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/28978
af854a3a-2127-422b-91ae-364da2661108
http://securityreason.com/securityalert/4536
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/488127/100/200/threaded
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/27790
af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/0583
af854a3a-2127-422b-91ae-364da2661108
https://www.exploit-db.com/exploits/5113