MidnightBSD

Advisories for wolfram

CVE-2009-4812 MEDIUM

Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
wolfram webmathematica *
wolfram webmathematica 2.3
wolfram webmathematica 3.0
CVE-2009-4814 MEDIUM

Cross-site scripting (XSS) vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
wolfram webmathematica *
wolfram webmathematica 2.3
wolfram webmathematica 3.0