Cisco Unified MeetingPlace Web Conferencing Stored Cross Site


Date: 25 Feb 2009 23:33:48 -0000
From: security.assurance@nab.com.au
To: bugtraq@securityfocus.com
Subject: Cisco Unified MeetingPlace Web Conferencing Stored Cross Site
 Scripting Vulnerability
X-Virus-Scanned: antivirus-gw at tyumen.ru

Title: 	Cisco Unified MeetingPlace Web Conferencing Stored Cross Site Scripting Vulnerability


CVE Identifier: N/A
____________

Credit: 
Security Assurance Team of the National Australia Bank.

The vendor was advised of this vulnerability prior to its public release.  National Australia Bank adheres to the "Guidelines for Security Vulnerability Reporting and Response V2.0" document when issuing Security Advisories.  

Class: 	Stored Cross Site Scripting
____________

Remote:	Yes
____________

Local:	No
____________


Vulnerable: 
Cisco Unified Meeting Place 6.0 and possibly 7.0 - other versions may also be vulnerable.
____________  

Not Vulnerable:	
____________

Vendor:	Cisco
____________

Discussion:
Cisco Unified Meeting Place is a suite of products used for remote voice, video and web conferencing.  The Cisco Unified Meeting Place web interface allows users to schedule and attend conferences.

Each user has the ability to modify their own account settings such as their name, telephone extension, email address etc. National Australia Bank's Security Assurance Team have identified a stored cross site scripting vulnerability that could be exploited by a malicious user to execute code within another user's browser when they view a meeting created by the malicious user.

____________

Exploit:
The "E-mail Address" field of this profile page is vulnerable to stored cross site scripting attacks. 

If a user enters the following in the email field, the code within the script tags will be executed whenever that user's profile data is viewed by other users, including when viewing the details of a meeting created by this user: 
"><script>INSERT JAVASCRIPT HERE</script>

Solution: 
No workaround available.

This vulnerability is fixed in Cisco Unified MeetingPlace Web Conferencing software version 6.0(517.0) also known as Maintenance Release 4 (MR4) for the 6.0 release, and version 7.0(2) also known as Maintenance Release 1 (MR1) for the 7.0 release. 

____________

References:  

Vendor Homepage: 
http://www.cisco.com
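
____________

Added example (not part of the original advisory and not Cisco's fix): the two controls that stop the stored value described under "Exploit" from running in a viewer's browser, namely allow-list validation of the E-mail Address field at input and HTML encoding at output. The function names, the sample values and the assumption that the value is written into a quoted HTML attribute are hypothetical.

```javascript
// Added illustration: hypothetical helpers, not MeetingPlace code.

// Characters that can end a quoted attribute value or open a tag.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;',
  '"': '&quot;', "'": '&#39;', '`': '&#96;',
};

// Output encoding: apply every time a stored value is written into HTML.
function escapeHtml(value) {
  return String(value).replace(/[&<>"'`]/g, (ch) => HTML_ESCAPES[ch]);
}

// Input validation: conservative allow-list for an address field.
// Assumption: plain ASCII addresses only, no quoted local parts.
const EMAIL_RE = /^[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$/;

function isAcceptableEmail(value) {
  return typeof value === 'string' && value.length <= 254 && EMAIL_RE.test(value);
}

// Vulnerable pattern: stored value concatenated into a quoted attribute.
function renderEmailUnsafe(email) {
  return '<input type="text" name="email" value="' + email + '">';
}

// Hardened pattern: same markup, value encoded at output.
function renderEmailSafe(email) {
  return '<input type="text" name="email" value="' + escapeHtml(email) + '">';
}

// Constructed sample values; the second has the shape of the advisory's string.
const samples = ['alice@example.com', '"><script>/* placeholder */</script>'];

// Report, per value, whether input validation accepts it and whether a
// live script tag survives in each rendering.
function review(values) {
  return values.map((v) => ({
    value: v,
    acceptedAtInput: isAcceptableEmail(v),
    unsafeHasScriptTag: renderEmailUnsafe(v).includes('<script>'),
    safeHasScriptTag: renderEmailSafe(v).includes('<script>'),
  }));
}

console.log(review(samples));
```

Output encoding is the control that matters for data already stored: values saved before validation was introduced still pass through the render path.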





