Computer Security
[EN] securityvulns.ru no-pyccku


HP Business Availability Center security vulnerabilities
Published:07.09.2012
Source:
SecurityVulns ID:12578
Type:remote
Threat Level:
5/10
Description:Crossite scripting, requests spoofing, sessions hijacking.
Affected:HP : Business Availability Center 8.07
CVE:CVE-2012-3257 (HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors.)
 CVE-2012-3256 (Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.)
 CVE-2012-3255 (Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
Original documentdocumentHP, [security bulletin] HPSBMU02811 SSRT100937 rev.1 - HP Business Availability Center (BAC) Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and Web Session Hijacking (07.09.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod