Oracle Solaris Third-Party Patch Update : transmission (cve_2012_4037_xss_vulnerability)

Low Nessus Plugin ID 80796


The remote Solaris system is missing a security patch for third-party software.


The remote Solaris system is missing necessary patches to address security updates :

- Multiple cross-site scripting (XSS) vulnerabilities in the web client in Transmission before 2.61 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) created by, or (3) name field in a torrent file. (CVE-2012-4037)


Upgrade to Solaris

See Also

Plugin Details

Severity: Low

ID: 80796

File Name: solaris11_transmission_20140522.nasl

Version: $Revision: 1.2 $

Type: local

Published: 2015/01/19

Modified: 2015/06/16

Dependencies: 12634

Risk Information

Risk Factor: Low


Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/o:oracle:solaris:11.1, p-cpe:/a:oracle:solaris:transmission

Required KB Items: Host/local_checks_enabled, Host/Solaris11/release, Host/Solaris11/pkg-list

Patch Publication Date: 2014/05/22

Reference Information

CVE: CVE-2012-4037