Novell Filr Multiple Security Vulnerabilities

Micro Focus (Novell) Filr is prone to the following security vulnerabilities.

1. A cross-site request forgery
2. An OS-command injection
3. A use of known vulnerability component
4. A cross-site scripting vulnerability
5. Missing Cookie-Flags
6. An authentication bypass
7. A directory traversal vulnerability
8. An insecure file permission vulnerability

An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, bypass certain security restrictions or perform unauthorized actions in the context of the affected application. Other attacks are also possible.


 

Privacy Statement
Copyright 2010, SecurityFocus