List: bugtraq
Subject: Cisco Unified MeetingPlace Web Conferencing Stored Cross Site
From: security.assurance () nab ! com ! au
Date: 2009-02-25 23:33:48
Message-ID: 20090225233348.29357.qmail () securityfocus ! com
Title: Cisco Unified MeetingPlace Web Conferencing Stored Cross Site Scripting Vulnerability
CVE Identifier: N/A
____________
Credit:
Security Assurance Team of the National Australia Bank.
The vendor was advised of this vulnerability prior to its public release. National Australia Bank adheres to the “Guidelines for Security Vulnerability Reporting and Response V2.0” document when issuing Security Advisories.
Class: Stored Cross Site Scripting
____________
Remote: Yes
____________
Local: No
____________
Vulnerable:
Cisco Unified Meeting Place 6.0 and possibly 7.0 – other versions may also be vulnerable.
____________
Not Vulnerable:
____________
Vendor: Cisco
____________
Discussion:
Cisco Unified Meeting Place is a suite of products used for remote voice, video and web conferencing. The Cisco Unified Meeting Place web interface allows users to schedule and attend conferences.
Each user has the ability to modify their own account settings such as their name, telephone extension, email address etc. National Australia Bank’s Security Assurance Team have identified a stored cross site scripting vulnerability that could be exploited by a malicious user to execute code within another user's browser when they view a meeting created by the malicious user.
____________
Exploit:
The “E-mail Address” field of this profile page is vulnerable to stored cross site scripting attacks.
If a user enters the following in the email field, the code within the script tags will be executed whenever that user’s profile data is viewed by other users, including when viewing the details of a meeting created by this user:
"><script>INSERT JAVASCRIPT HERE</script>
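The following is an added illustration of the bug class described above and of the fix class (output encoding for the attribute context, with a conservative syntax check on save as defence in depth). It is not code from the advisory or from Cisco; the markup, field handling and e-mail pattern are assumptions about a generic meeting-details page, and the only input used is the payload shape quoted above.

```python
"""Added example, not from the advisory or from Cisco: an unsafe profile
renderer beside one that encodes the e-mail field for an attribute context."""
import html
import re

# Constructed sample input: the attribute-breakout shape quoted in the advisory.
PAYLOAD = '"><script>INSERT JAVASCRIPT HERE</script>'


def render_vulnerable(email: str) -> str:
    """Hypothetical template that concatenates user data straight into an
    attribute; this is the defect class the advisory describes."""
    return f'<a href="mailto:{email}">Organiser</a>'


def render_hardened(email: str) -> str:
    """Same template, but the value is HTML-encoded (quotes included) before
    it is placed inside the attribute, so it cannot close the attribute or tag."""
    return f'<a href="mailto:{html.escape(email, quote=True)}">Organiser</a>'


# Assumed save-time check: deliberately stricter than RFC 5322 so that quotes
# and angle brackets are rejected before storage. Output encoding remains the
# actual fix; this only narrows what reaches the database.
EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def is_plausible_email(value: str) -> bool:
    """True when the value matches the conservative address pattern above."""
    return EMAIL_RE.match(value) is not None


SCRIPT_TAG = re.compile(r"<script\b", re.IGNORECASE)


def contains_live_script(rendered: str) -> bool:
    """True if the rendered markup still contains a literal <script> start tag
    (an encoded &lt;script&gt; does not count, since the browser renders it as text)."""
    return SCRIPT_TAG.search(rendered) is not None


if __name__ == "__main__":
    for name, fn in (("vulnerable", render_vulnerable), ("hardened", render_hardened)):
        out = fn(PAYLOAD)
        print(f"{name}: live script tag = {contains_live_script(out)}")
        print("   ", out)
    print("save-time check accepts payload:", is_plausible_email(PAYLOAD))
    print("save-time check accepts normal address:", is_plausible_email("alice@example.com"))
```

Running the block shows the unencoded renderer emitting a live `<script>` start tag from the stored value, while the encoded renderer emits `&quot;&gt;&lt;script&gt;...` that the browser treats as text. The save-time pattern is an assumption and would need loosening for real-world addresses; its role here is only to show where a second layer of control sits.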
Solution:
No workaround available.
This vulnerability is fixed in Cisco Unified MeetingPlace Web Conferencing software version 6.0(517.0), also known as Maintenance Release 4 (MR4) for the 6.0 release, and version 7.0(2), also known as Maintenance Release 1 (MR1) for the 7.0 release.
____________
References:
Vendor Homepage:
http://www.cisco.com