ID

VAR-E-201607-0102


TITLE

Neoscreen Multiple Security Vulnerabilities

Trust: 0.3

sources: BID: 92106

DESCRIPTION

Neoscreen is prone to multiple security vulnerabilities.
An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, compromise the application, access or modify data or to bypass authentication mechanism; that may aid in further attacks.
Neoscreen 4.5 is vulnerable; other versions may also be affected.

Trust: 0.3

sources: BID: 92106

AFFECTED PRODUCTS

vendor:cubemodel:digital media neoscreenscope:eqversion:4.5

Trust: 0.3

vendor:cubemodel:digital media neoscreenscope:neversion:5.0

Trust: 0.3

sources: BID: 92106

EXPLOIT

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Trust: 0.3

sources: BID: 92106

PRICE

Free

Trust: 0.3

sources: BID: 92106

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 92106

CREDITS

Discovered by Alex Haynes

Trust: 0.3

sources: BID: 92106

EXTERNAL IDS

db:BIDid:92106

Trust: 0.3

sources: BID: 92106

REFERENCES

url:http://seclists.org/bugtraq/2016/jul/115

Trust: 0.3

url:http://seclists.org/bugtraq/2016/jul/114

Trust: 0.3

url:http://www.cube-display.fr/

Trust: 0.3

url:http://seclists.org/bugtraq/2016/jul/113

Trust: 0.3

sources: BID: 92106

SOURCES

db:BIDid:92106

LAST UPDATE DATE

2022-07-27T09:11:39.271000+00:00


SOURCES UPDATE DATE

db:BIDid:92106date:2016-07-24T00:00:00

SOURCES RELEASE DATE

db:BIDid:92106date:2016-07-24T00:00:00