CVE-2010-5190

The Active Content Transformation functionality in Blue Coat ProxySG before SGOS 4.3.4.2, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.2.1 allows remote attackers to bypass JavaScript detection via HTML entities.

Published: Aug 26, 2012
Updated: Apr 13, 2023
CVE: CVE-2010-5190
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
bluecoat / sgos	-	4.3.4.x
bluecoat / sgos	3.2.6	3.2.6.x
bluecoat / sgos	4.1.2.1	4.1.2.1.x
bluecoat / sgos	4.2.1.2	4.2.1.2.x
bluecoat / sgos	4.2.1.6	4.2.1.6.x
bluecoat / sgos	4.2.2	4.2.2.x
bluecoat / sgos	4.2.2.1	4.2.2.1.x
bluecoat / sgos	4.2.2.2	4.2.2.2.x
bluecoat / sgos	4.2.3	4.2.3.x
bluecoat / sgos	4.2.3.4	4.2.3.4.x
bluecoat / sgos	4.2.3.7	4.2.3.7.x
bluecoat / sgos	4.2.3.12	4.2.3.12.x
bluecoat / sgos	4.2.3.21	4.2.3.21.x
bluecoat / sgos	4.2.3.26	4.2.3.26.x
bluecoat / sgos	4.2.4.1	4.2.4.1.x
bluecoat / sgos	4.2.5	4.2.5.x
bluecoat / sgos	4.2.5.1	4.2.5.1.x
bluecoat / sgos	4.2.6	4.2.6.x
bluecoat / sgos	4.2.6.1	4.2.6.1.x
bluecoat / sgos	4.2.6.4	4.2.6.4.x
bluecoat / sgos	4.2.7.1	4.2.7.1.x
bluecoat / sgos	5.2.2.4	5.2.2.4.x
bluecoat / sgos	5.4.5	5.4.5.x
bluecoat / sgos	5.5.4	5.5.4.x
bluecoat / sgos	6.1.2	6.1.2.x
bluecoat / proxysg	-	-

https://kb.bluecoat.com/index?page=content&id=SA48

Vulnerability Database

289,689

CVE-2010-5190