Multiple Siemens OpenScape Products Multiple Security Vulnerabilities

Multiple Siemens OpenScape products are prone to multiple vulnerabilities including:

1. An information-disclosure vulnerability
2. Multiple cross-site scripting vulnerabilities
3. A local file-disclosure vulnerability
4. A command-injection vulnerability

An attacker can exploit these issues to obtain sensitive information, steal cookie-based authentication credentials, or execute arbitrary commands in context of the web server. Other attacks may also be possible.


 

Privacy Statement
Copyright 2010, SecurityFocus