Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 5.8
CVE Id CVE-2011-4553
Last Modified 08 Dec 2011 12:00:00
Published 06 Dec 2011 06:55:06
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4553

Summary

Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 allow (1) remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the return_to parameter, and allow (2) remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via crafted characters in the domain name of a subdomain.

Vulnerable Systems

Application

  • Oneclickorgs One Click Orgs 1.0.0

  • Oneclickorgs One Click Orgs 1.0.1

  • Oneclickorgs One Click Orgs 1.1.0

  • Oneclickorgs One Click Orgs 1.1.1

  • Oneclickorgs One Click Orgs 1.2.0

  • Oneclickorgs One Click Orgs 1.2.1

  • Oneclickorgs One Click Orgs 1.2.2


References

MLIST - [oneclickorgs-devspace] 20111117 Announce: One Click Orgs 1.2.3

MISC - http://dmcdonald.net/?page_id=43


Last Updated: 27 May 2016 10:57:49