Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2763

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2011-2763
Last Modified 13 Feb 2012 11:07:50
Published 02 Sep 2011 12:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2763

Summary

The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.

Vulnerable Systems

Application

  • Lifesize Room Appliance Software 4.7.18

  • Lifesize Room Appliance Software Ls Rm1 3.5.3


References

CERT-VN - VU#213486

XF - lifesize-room-command-execution(69444)

BID - 49330

BUGTRAQ - 20110828 LifeSize Room Vulnerabilities

MISC - http://www.securestate.com/Documents/LifeSize_Room_Advisory.txt

EXPLOIT-DB - 17743

SREASON - 8363

SREASON - 8527


Last Updated: 27 May 2016 10:57:25