Open-Xchange AppSuite 7.4.0 Improper Neutralization

2014.01.07
Credit: Martin Braun
Risk: Low
Local: No
Remote: Yes
CWE: CWE-79


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

Open-Xchange Security Advisory 2014-01-06 Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 30203 (Bug ID) Vulnerability type: CWE-80 (Improper Neutralization of Script-Related HTML Tags in a Web Page) Vulnerable version: 7.4.0 and earlier Vulnerable component: backend Fixed version: 7.4.0-rev21, 7.4.1-rev9 Report confidence: Confirmed Solution status: Fixed by Vendor Vendor notification: 2013-12-06 Solution date: 2013-12-12 Public disclosure: 2014-01-06 CVE reference: CVE-2013-6997 CVSSv2: 4.1 (AV:N/AC:M/Au:N/C:P/I:N/A:N/E:F/RL:U/RC:C/CDP:ND/TD:H/CR:ND/IR:ND/AR:ND) Vulnerability Details: Embedding certain CSS code with wildcard characters within an HTML E-Mail can be used to modify the AppSuite web interface. Risk: Malicious CSS code gets applied to the default AppSuite web interface. This may be used to lure users to execute certain functions, phishing attempts or simply making the web interface dysfunctional. Solution: Users should update to the latest available patch releases. Users should avoid opening E-Mail attachments from untrusted sources. Users should disable rendering of the HTML content part of E-Mail. Internal reference: 30098 (Bug ID) Vulnerability type: CWE-80 (Improper Neutralization of Script-Related HTML Tags in a Web Page) Vulnerable version: 7.4.0 and earlier Vulnerable component: office-web Fixed version: 7.4.0-rev12, 7.4.1-rev6 Report confidence: Confirmed Solution status: Fixed by Vendor Vendor notification: 2013-11-29 Solution date: 2013-12-12 Public disclosure: 2014-01-06 CVE reference: CVE-2013-6997 CVSSv2: 5.7 (AV:N/AC:M/Au:N/C:P/I:N/A:N/E:POC/RL:U/RC:C/CDP:LM/TD:H/CR:ND/IR:ND/AR:ND) Vulnerability Details: Embedded JavaScript code within office documents gets executed when using crafted hyperlinks with script URL handlers. Risk: Malicious script code can be executed within a users context. This can lead to session hijacking or triggering unwanted actions via the web interface (sending mail, deleting data etc.). The user has to actively click a malicious hyperlink in order to trigger the script code. Solution: Users should update to the latest available patch releases. Users should avoid opening office documents and hyperlinks from untrusted sources.

References:

http://cxsecurity.com/issue/WLB-2013110196


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top