Message-ID: <4E1D08F3.6060708@secniche.org>
Date: Tue, 12 Jul 2011 22:54:43 -0400
From: Aditya K Sood <0kn0ck@...niche.org>
To: bugtraq@...urityfocus.com
Subject: CVE-2010-2404 | Persistent Cross Site Scripting Vulnerability in
 Oracle I-Recruitment - E-Business Suite


Advisory: Persistent Cross Site Scripting Vulnerability in Oracle I-Recruitment File Uploading Module - E-Business Suite

CVE-2010-2404

Version Affected - 11.5.10.2, 12.0.6, 12.1.3

About: Oracle I-Recruitment Suite
Oracle iRecruitment is a web based full-cycle recruiting solution that
gives managers, recruiters and candidates the ability to manage every
phase of finding, recruiting, hiring, and tracking new employees. It is a
part of Oracle E-business suite.

Discussion:
A persistent cross-site scripting vulnerability exists in the I-Recruitment
portal. The account information page allows the user to upload a resume as a
Microsoft Word document. An attacker can construct a malicious MS Word file to
conduct an XSS attack by placing the XSS payload in hyperlinks, which bypasses
the conversion filters.

For attack details, refer to the following paper:
http://secniche.org/papers/SNS_09_01_Evad_Xss_Filter_Msword.pdf

 

Disclosure:
The vulnerability was disclosed to Oracle in January 2009 and was patched
in the October 2010 CPU release.

Credit:
Aditya K Sood of SecNiche Security

Contact:
adi_ks [at] secniche.org

Disclaimer
The information in the advisory is believed to be accurate at the time of
publishing based on currently available information. Use of the
information constitutes acceptance for use in an AS IS condition. There are
no representations or warranties, either express or implied, by or with
respect to anything.
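
Added example, not part of the advisory and not Oracle's code: one way to close the hyperlink path described in the Discussion is to re-validate every link after the uploaded document has been converted to HTML, allowlisting URL schemes instead of filtering known-bad strings. It assumes the portal renders the converted document as HTML; `ALLOWED_SCHEMES`, `ALLOWED_TAGS`, `safe_href`, `ResumeSanitizer`, `sanitize` and the sample markup are all hypothetical names and constructed data.

```python
import re
from html import escape
from html.parser import HTMLParser

ALLOWED_SCHEMES = {"http", "https", "mailto"}      # assumed link policy
ALLOWED_TAGS = {"p", "b", "i", "ul", "li", "a"}    # assumed, deliberately small

def safe_href(url):
    # Browsers drop tabs/newlines inside a URL, so remove control chars and
    # spaces before reading the scheme ("java\tscript:" is "javascript:").
    cleaned = re.sub(r"[\x00-\x20\x7f]", "", url or "")
    m = re.match(r"([A-Za-z][A-Za-z0-9+.\-]*):", cleaned)
    return bool(m) and m.group(1).lower() in ALLOWED_SCHEMES

class ResumeSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.rejected = [], []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            return                      # tag dropped; its text is still escaped
        href = dict(attrs).get("href")  # HTMLParser has already decoded entities
        if tag == "a" and href is not None:
            if safe_href(href):
                self.out.append('<a href="%s" rel="nofollow noopener">'
                                % escape(href, quote=True))
                return
            self.rejected.append(href)  # keep for logging / alerting
        self.out.append("<%s>" % tag)   # all other attributes are discarded

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS:
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        self.out.append(escape(data, quote=False))

def sanitize(html_text):
    parser = ResumeSanitizer()
    parser.feed(html_text)
    parser.close()
    return "".join(parser.out), parser.rejected

# Constructed sample of converter output, not taken from the advisory.
SAMPLE = ('<p>Resume of <b>A. Candidate</b></p>'
          '<a href="https://example.org/portfolio">Portfolio</a>'
          '<a href="JaVa&#x09;Script:void(0)">Publications</a>'
          '<a href="data:text/html,x" onclick="x()">CV</a>')
```

`sanitize(SAMPLE)` keeps only the `https` link as a link and returns the two rejected `href` values, which can be logged as an indicator of a crafted upload.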





