‫ HP System Management Homepage Multiple Vulnerabilities

IRCAD2013072800
 
ID: IRCAD2013072800
Release Date: 2013-07-19
Criticality level: Highly critical
 
Software:
HP System Management Homepage 7.x
 
Description:
A weakness, a security issue, and multiple vulnerabilities have been reported in HP System Management Homepage, which can be exploited by malicious, local users to potentially gain escalated privileges and cause a DoS (Denial of Service), by malicious users to cause a DoS (Denial of Service), and by malicious people to conduct cross-site scripting attacks, disclose certain sensitive information, hijack a user's session, and compromise a vulnerable system.
1) An unspecified error can be exploited to disclose certain information. No further information is currently available.
2) Another unspecified error can be exploited to disclose information. No further information is currently available.
3) An unspecified error can be exploited to cause a DoS. No further information is currently available.
4) Another unspecified error can be exploited to cause a DoS. No further information is currently available.
5) Another unspecified error can be exploited to cause a DoS. No further information is currently available.
6) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
7) An unspecified error can be exploited to disclose information. No further information is currently available.
8) Another unspecified error can be exploited to disclose information. No further information is currently available.
9) Another unspecified error can be exploited to disclose certain information. No further information is currently available.
10) An unspecified error can be exploited to cause a DoS. No further information is currently available.
The weakness, security issue, and vulnerabilities are reported in versions 7.2 and prior.
 
Solution
Update to version 7.2.1 or later.
 
References:
HPSBMU02900:
 
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 29 تیر 1392

امتیاز

امتیاز شما
تعداد امتیازها:0