Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Subscribe











Security Vulnerability

Vigil@nce: OmniTouch Instant Communication Suite, Cross Site Scripting

November 2011 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can generate several Cross Site Scripting and Cross Site Request Forgery in OmniTouch Instant Communication Suite.

- Severity: 2/4
- Creation date: 24/10/2011

IMPACTED PRODUCTS

- Alcatel-Lucent OmniTouch 8400 Instant Communications Suite
- Alcatel-Lucent OmniTouch 8600 My Instant Communicator

DESCRIPTION OF THE VULNERABILITY

The OmniTouch Instant Communication Suite product is impacted by several vulnerabilities.

An attacker can create a Cross Site Scripting in the WebAdmin administration interface. [severity:2/4; CVE-2011-4058]

An attacker can create a Reflected Cross Site Scripting in the Web softphone interface. [severity:2/4; CVE-2011-4058]

An attacker can create a Stored Cross Site Scripting in the Web softphone interface. [severity:2/4; CVE-2011-4058]

An attacker can create a Cross Site Request Forgery in the Web softphone interface. [severity:2/4; CVE-2011-4059]

An attacker can therefore generate several Cross Site Scripting and Cross Site Request Forgery in OmniTouch Instant Communication Suite.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/O...


See previous articles

    

See next articles

Last events

Key players in security to meet in Lyon - Technology Against Crime – an International Forum on Technologies for a Safer World

Some 600 international security professionals from the public and private sectors will meet on 8 and 9 July 2013 at the Lyon Convention Centre (Cité Centre de Congrès) for the first international forum of its kind, bringing together senior representatives from the worlds of technology, security and industry to develop technological responses to evolving security challenges.


    

See all events

Toutes nos news en Francais











Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts

 
News Files Security Vulnerability Malware Update Diary Guide & Podcast Jobs TRAINING Contact About Mentions légales S'identifier ADMIN

Global Security Mag Copyright 2011