Info

Disclosure

Jan 12, 2006

Discovery

Dec 29, 2005

Dates

Exploit

Jan 12, 2006

Solution

Unknown

Description

H-Sphere contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'login' variable upon submission to the 'psoft.hsphere.CP' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 2.4.3 Patch 9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Positive Software Corporation

H-Sphere

2.4.3 Patch 8

References

Secunia Advisory ID: 18447
CVE ID: 2006-0193 (see also: NVD)
ISS X-Force ID: 24096
VUPEN Advisory: ADV-2006-0172
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-01/0185.html
Vendor Specific News/Changelog Entry: http://www.psoft.net/HSdocumentation/versions/index.php?v=243p9&p=r

Credit

M.Neset KABAKLI - nesetwakiza.com - Wakiza Software Technologies

Direct URL: http://osvdb.org/22372