ID CVE-2005-4493
Summary Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
References
Vulnerable Configurations
  • cpe:2.3:a:speartek:speartek:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:speartek:speartek:6.0:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 17-07-2013 - 14:41)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 16018
misc http://pridels0.blogspot.com/2005/12/speartek-xss-vuln.html
osvdb 22068
vim 20060830 22068: Speartek Search Module XSS (fwd)
vupen ADV-2005-3052
statements via4
contributor Jesse Heady
lastmodified 2006-11-07
organization Speartek
statement We are aware of numerous existing script vulnerabilities and exploits and stand by the security of our system and our ability to address these. This particular exploit is not particularly serious as no sensitive or private user information is ever held within cookies during our checkout process. All user information and client information is secure in our platform. We take all security threats quite seriously and view the efforts of the author of this particular exploit as harmful to our professional image. This is especially important to note because the particular script vulnerability that has been raised poses no real threat to the stability or security of our systems. Again, we are formally responding to this posted cross-site script vulnerability to communicate that we take all such potential security issues very seriously and this particular issue has been addressed. In version 7.0.0 of our software, we have addressed the mentioned cross site scripting vulnerabilities. On any page that a form is on, the query string is sanitized to eliminate the vectors outlined in the XSS vulnerability. Form data is handled to protect against a form post from a different site to try and initialize a cross site scripting attacking via a form post. Sensitive data is not stored in session cookies and in the event that a cookie was stolen, it would contain nothing useful for the attacker. Our software is a hosted application, which allows us to make quick remedies as new exploits are found. Also, our system is monitored consistently and alerts are sent to our administrators when any malicious attempt is seen. The details of this alert include the data sent, from what referral and if there is a specific user that is being targeted on our system.
Last major update 17-07-2013 - 14:41
Published 22-12-2005 - 11:03
Last modified 17-07-2013 - 14:41
Back to Top