ID
VAR-E-201607-0102
TITLE
Neoscreen Multiple Security Vulnerabilities
Trust: 0.3
DESCRIPTION
Neoscreen is prone to multiple security vulnerabilities.
An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, compromise the application, access or modify data or to bypass authentication mechanism; that may aid in further attacks.
Neoscreen 4.5 is vulnerable; other versions may also be affected.
Trust: 0.3
AFFECTED PRODUCTS
vendor: | cube | model: | digital media neoscreen | scope: | eq | version: | 4.5 | Trust: 0.3 |
vendor: | cube | model: | digital media neoscreen | scope: | ne | version: | 5.0 | Trust: 0.3 |
EXPLOIT
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Input Validation Error
Trust: 0.3
CREDITS
Discovered by Alex Haynes
Trust: 0.3
EXTERNAL IDS
db: | BID | id: | 92106 | Trust: 0.3 |
REFERENCES
url: | http://seclists.org/bugtraq/2016/jul/115 | Trust: 0.3 |
url: | http://seclists.org/bugtraq/2016/jul/114 | Trust: 0.3 |
url: | http://www.cube-display.fr/ | Trust: 0.3 |
url: | http://seclists.org/bugtraq/2016/jul/113 | Trust: 0.3 |
SOURCES
db: | BID | id: | 92106 |
LAST UPDATE DATE
2022-07-27T09:11:39.271000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 92106 | date: | 2016-07-24T00:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 92106 | date: | 2016-07-24T00:00:00 |