Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1250

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-1250
Last Modified 10 Dec 2008 01:34:32
Published 10 Mar 2008 01:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1250

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the central phone server for the Snom 320 SIP Phone allow remote attackers to perform actions as the phone user, as demonstrated by inserting an address-book entry containing an XSS sequence.

Vulnerable Systems


References

XF - snom-sipphone-addressbook-csrf(40500)

BID - 27767

BUGTRAQ - 20080301 The Router Hacking Challenge is Over!

MISC - http://www.gnucitizen.org/projects/router-hacking-challenge/

SECUNIA - 28938


Last Updated: 27 May 2016 10:47:05