ID |
CVE-2005-4493
|
Summary |
Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 6.8 (as of 17-07-2013 - 14:41) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
refmap
via4
|
|
statements
via4
|
contributor | Jesse Heady | lastmodified | 2006-11-07 | organization | Speartek | statement | We are aware of numerous existing script vulnerabilities and exploits and stand by the security of our system and our ability to address these. This particular exploit is not particularly serious as no sensitive or private user information is ever held within cookies during our checkout process. All user information and client information is secure in our platform. We take all security threats quite seriously and view the efforts of the author of this particular exploit as harmful to our professional image. This is especially important to note because the particular script vulnerability that has been raised poses no real threat to the stability or security of our systems. Again, we are formally responding to this posted cross-site script vulnerability to communicate that we take all such potential security issues very seriously and this particular issue has been addressed.
In version 7.0.0 of our software, we have addressed the mentioned cross site scripting vulnerabilities. On any page that a form is on, the query string is sanitized to eliminate the vectors outlined in the XSS vulnerability. Form data is handled to protect against a form post from a different site to try and initialize a cross site scripting attacking via a form post. Sensitive data is not stored in session cookies and in the event that a cookie was stolen, it would contain nothing useful for the attacker. Our software is a hosted application, which allows us to make quick remedies as new exploits are found. Also, our system is monitored consistently and alerts are sent to our administrators when any malicious attempt is seen. The details of this alert include the data sent, from what referral and if there is a specific user that is being targeted on our system. |
|
Last major update |
17-07-2013 - 14:41 |
Published |
22-12-2005 - 11:03 |
Last modified |
17-07-2013 - 14:41 |