Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4284

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-4284
Last Modified 07 Mar 2011 09:58:18
Published 09 Aug 2007 05:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4284

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified MeetingPlace Web Conferencing (MP) 5.3.235.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) Success Template (STPL) and (2) Failure Template (FTPL) parameters, which are not properly handled in an error message.

Vulnerable Systems

Application

  • Cisco Meetingplace Web Confrencing 5.3%28235%29


References

XF - cisco-meetingplace-unspecified-xss(35871)

VUPEN - ADV-2007-2815

BID - 25237

BUGTRAQ - 20070808 RE: XSS vulnerability in Cisco MeetingPlace

BUGTRAQ - 20070808 XSS vulnerability in Cisco MeetingPlace

CISCO - 20070808 Cisco Unified MeetingPlace XSS Vulnerability

SECTRACK - 1018537

SREASON - 2990

SECUNIA - 26376


Last Updated: 27 May 2016 10:45:49