Novell Vibe 3 BETA OnPrem Stored Cross-site Scripting Vulnerability

2011.01.11
Credit: ml
Risk: Low
Local: No
Remote: Yes
CWE: CWE-79


CVSS Base Score: 3.5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 6.8/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Single time
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

Title: Novell Vibe 3 BETA OnPrem Stored Cross-site Scripting Vulnerability Risk (CVSS2 Base Score): High (7.0) Solutionary ID: SERT-VDN-1002 CVE ID: CVE-2010-4322 Solutionary disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Novell-Vibe-Beta- 3-XSS-vulnerability.html Product: Vibe 3 BETA OnPrem Application vendor: Novell Vendor URL: http://www.novell.com/products/vibe-onprem/ Date discovered: 11/10/2010 Discovered by: Rob Kraus, Paul Petefish, and Solutionary Engineering Research Team (SERT) Vendor notification date: 12/3/2010 Vendor response date: 12/3/2010 Vendor acknowledgment date: 12/3/2010 Vendor provided fix: Final shipping version of Novell Vibe OnPrem 3 Release coordinated with the vendor: 12/4/2010 Public disclosure date: 12/10/2010 Type of vulnerability: Stored Cross-site Scripting (XSS) Exploit vectors: Local and Remote Vulnerability description: Users can include and store arbitrary client side code such as JavaScript in the Novell Vibe web application. The code then can be executed within an unsuspecting victim?s browser. The vulnerability exists due to the ?/gwtTeaming.rpc? code not properly sanitizing user input into the ?What Are You Working On?? or Micro Blog entry field. Also, the application fails to encode the output allowing for the execution of the script. Tested on: Cent OS 5.5 (kernel 2.6.18-194), MySQL Version 14.12 Distribution 5.0.77, and Novell Vibe 3 BETA OnPrem. Affected software versions: Vibe 3 BETA OnPrem Impact: Any user who can view another user?s Micro Blog entry is vulnerable to this XSS attack. Successful exploitation of this vulnerability could result in session cookie theft, session hijacking, URL redirection, and possible operating system code execution on the targeted victim?s host. Fixed in: Fixed in the final shipping version of Novell Vibe OnPrem 3 Remediation guidelines: Update to the final shipping version of Novell Vibe OnPrem 3 Keywords: security, vulnerability, Novell, vibe, collaboration, xss, stored, cross-site scripting Solutionary, Inc. Vulnerability Disclosure Policy http://www.solutionary.com/index/SERT/Vulnerability-Disclosure-Policy.ht ml

References:

http://www.solutionary.com/index/SERT/Vuln-Disclosures/Novell-Vibe-Beta-3-XSS-vulnerability.html
http://www.securityfocus.com/archive/1/archive/1/515147/100/0/threaded


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top