| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 8 Oct 2010 10:37:44 -0000 From: advisory@...toliasecurity.com To: bugtraq@...urityfocus.com Subject: OverLook Cross-site Scripting Vulnerability ANATOLIA SECURITY ADVISORY --------------------------- ### ADVISORY INFO ### + Title: OverLook Cross-site Scripting + Advisory URL: http://anatoliasecurity.com/Blog/Detay.aspx?bId=2 + Advisory ID: 2010-002 + Version: v5.0 + Date: 06/10/2010 + Impact: Execute Malicious Javascript Codes + CWE-ID: 79 + Credit: Anatolia Security ### VULNERABLE PRODUCT ### + Description: "Overlook is a modern system of communication licensed of GPL (GNU Public License), which puts at disposal by the user the webmail and webcalendar functionalities.Since the release of the version in November 2006, downloads have exceeded the threshold of 2.000, transforming Overlook on one of the most popular groupware applications." + Homepage: http://www.openit.it + Download: http://www.openit.it/index.php?option=com_jdownloads&Itemid=87&task=viewcategory&catid=3&lang=en ### VULNERABILITY DETAILS ### + Description: "title.php" gets "frame" parameter with sqgetGlobalVar function. sqgetGlobalVar function apply decodeHTML function to variable. This function decode HTML tags so its make a chance to succesfull exploitation with some browser (e.g. Mozilla Firefox encodes HTML tags). After that application include "frame" variable into inline javascript code. + Exploit/POC: http://www.anatoliasecurity.com/exploits/overlook-xss-poc.txt
Powered by blists - more mailing lists