Open Source and information security mailing list archives
Date: Sun, 1 Jun 2014 22:08:06 +0200
From: Christian Schneider <mail@...istian-Schneider.net>
To: bugtraq@...urityfocus.com
Subject: CVE-2014-2843 - "Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "infoware MapSuite"

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2014-2843
===================
"Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "infoware MapSuite"

Vendor
===================
infoware GmbH

Product
===================
MapSuite

Affected versions
===================
This vulnerability affects versions of MapSuite MapAPI prior to 1.0.36 and 1.1.49

Fixed versions
===================
MapSuite MapAPI 1.0.36 and 1.1.49
Both patches are available since 2014-03-26.

Reported by
===================
This issue was reported to the vendor by Christian Schneider (@cschneider4711)
following a responsible disclosure process.

Severity
===================
Medium

Exploitability
===================
No authentication required

Description
===================
Using a specially crafted URL to access the MapAPI it is possible to execute
Reflected Cross-Site Scripting (XSS) attacks. This enables attackers to
impersonate victim users (in context of the origin exposing the MapAPI) when
logged-in victims are accessing attacker supplied links.

Proof of concept
===================
Due to the responsible disclosure process chosen and to not harm unpatched
systems, no concrete exploit code will be presented in this advisory.

Migration
===================
MapSuite MapAPI 1.0.x users should upgrade to 1.0.36 or later as soon as possible.
MapSuite MapAPI 1.1.x users should upgrade to 1.1.49 or later as soon as possible.

See also
===================
n/a

Timeline
===================
2014-03-14   Vulnerability discovered
2014-03-14   Vulnerability responsibly reported to vendor
2014-03-21   Reply from vendor acknowledging report
2014-03-26   Reply from vendor with updated patch (version 1.0.36 and 1.1.49)
meanwhile    Verification of the patch by reporting researcher + vendor informed customers
2014-06-01   Advisory published in coordination with vendor via BugTraq

References
===================
http://www.christian-schneider.net/advisories/CVE-2014-2843.txt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)

iEYEARECAAYFAlOLhbUACgkQXYAsOfddvFMCUwCdHdnL8J+sizTRxY33OmdWfFlA
2OQAnRb79YiQ/SbwpdMt/Qg7/UCleMZ8
=vW4U
-----END PGP SIGNATURE-----