fkie_cve-2007-1467
Vulnerability from fkie_nvd
Published
2007-03-16 21:19
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.
References
cve@mitre.orghttp://secunia.com/advisories/24499
cve@mitre.orghttp://securityreason.com/securityalert/2437
cve@mitre.orghttp://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.htmlVendor Advisory
cve@mitre.orghttp://www.securityfocus.com/archive/1/462932/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/462944/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/22982
cve@mitre.orghttp://www.securitytracker.com/id?1017778
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0973
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/33024
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24499
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/2437
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/462932/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/462944/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/22982
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017778
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0973
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/33024
Impacted products
Vendor Product Version
cisco acs_solution_engine 4.1
cisco acs_solution_engine 4.1
cisco ciscoworks *
cisco ip_communicator *
cisco meetingplace *
cisco security_device_manager *
cisco unified_meetingplace *
cisco unified_meetingplace_express *
cisco unified_personal_communicator *
cisco unified_video_advantage *
cisco unified_videoconferencing *
cisco unified_videoconferencing_manager *
cisco vpn_client 3.5.1
cisco vpn_client 3.5.1
cisco vpn_client 3.5.2
cisco vpn_client 3.5.2
cisco vpn_client 3.5.2
cisco vpn_client 3.5.2b
cisco vpn_client 3.5.2b
cisco vpn_client 3.5.2b
cisco vpn_client 3.5.4
cisco vpn_client 3.5.4
cisco vpn_client 3.5.4
cisco vpn_client 3.6
cisco vpn_client 3.6
cisco vpn_client 3.6
cisco vpn_client 3.6.1
cisco vpn_client 3.6.1
cisco vpn_client 3.6.1
cisco vpn_client 4.0.2a
cisco vpn_client 4.0.2a
cisco vpn_client 4.0.2c
cisco vpn_client 4.0.2c
cisco vpn_client 4.8.1
cisco wan_manager *
cisco wireless_lan_controllers *
cisco wireless_lan_solution_engine *
cisco call_manager *
cisco network_analysis_module *
cisco wireless_control_system 4.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:acs_solution_engine:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2053FEE9-7DE5-4C5E-B2C1-5652301DBFFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:acs_solution_engine:4.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "3436B987-134F-47FD-94A9-B22E1D6E1F7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A687E771-9653-4FB6-888C-C6D7874E8F11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ip_communicator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E2590B4-F61E-4ED9-B4B2-45227CDF8E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:meetingplace:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41EEA208-7F2E-4E01-8C8C-29009161E6EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_device_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42E7C476-E8CE-4CD4-9ED2-926B4BA6EDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_meetingplace:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713CDBB9-F841-455A-B173-7B239DF087D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_meetingplace_express:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8932A12B-BDAD-4078-92C3-720CE4E204CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_personal_communicator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AC0A911-917D-426B-84D3-05BEAEE9C81F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_video_advantage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1BDD7B4-CD06-44D9-855B-30FFE673014E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_videoconferencing:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50D62D1-83D3-4347-A979-503294EC4B9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_videoconferencing_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19065178-BD77-4ED5-AE31-9904E348B2C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "2BD00D0A-EB6E-41AA-851D-9DD258E23BEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "88EB557F-33CD-40FE-B470-04F93CB2F3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "F2EEB23E-4592-49A1-BDC6-110580340AAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:mac_os_x:*:*:*:*:*",
              "matchCriteriaId": "D548CEFE-1970-42D3-9039-196A3B5F5D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "2D4BDB9B-99D8-42B7-8D57-2B57029220F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2b:*:linux:*:*:*:*:*",
              "matchCriteriaId": "B2F5C5E1-59A5-4402-BF6A-DDD05F8F07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2b:*:mac_os_x:*:*:*:*:*",
              "matchCriteriaId": "269EE54C-B6C7-4F3E-B4ED-12CF9F277569",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2b:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "12A573DB-1D58-4A78-85C6-B2A3B09F34B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.4:*:linux:*:*:*:*:*",
              "matchCriteriaId": "DEB505B7-54A0-4A53-81FC-9E6635A50BB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.4:*:mac_os_x:*:*:*:*:*",
              "matchCriteriaId": "1728BA7D-0124-4E7B-9D0A-549DB87F3732",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.4:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "DD1D17D3-F56E-47FC-90F9-54AC4446CB11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.6:*:linux:*:*:*:*:*",
              "matchCriteriaId": "9A9F7CE9-771E-4F0C-B4DD-B9517F70BBCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.6:*:mac_os_x:*:*:*:*:*",
              "matchCriteriaId": "0C7B2037-406B-4A18-9B5D-D3F206C58AE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.6:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "08A9E927-1092-4F6A-A099-DB80EA060F54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.6.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "872A3F31-1008-416A-9881-803E7DF11B1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.6.1:*:mac_os_x:*:*:*:*:*",
              "matchCriteriaId": "50FB297D-5289-46D1-82C2-E83C3020895C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.6.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "D88E0D0C-03EF-4528-93C9-97B39342CA82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:4.0.2a:*:mac_os_x:*:*:*:*:*",
              "matchCriteriaId": "4C111372-50F2-4F3E-8DFE-1EB5509B489C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:4.0.2a:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "B19317CB-C159-4BEF-B8F8-A919E8DF6783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:4.0.2c:*:mac_os_x:*:*:*:*:*",
              "matchCriteriaId": "B7C7C00F-72E3-41E1-A763-0209AF639053",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:4.0.2c:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "B205CD80-4469-4DA9-B0E1-73C2B83E33D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:4.8.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "8FD6C3C5-A7D3-4208-A23C-BA7D5626FB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wan_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEFD455A-7E41-4C95-A1E9-1A4867DA4F4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_controllers:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C88AB3CC-4F0E-4A82-B4F0-13EDA4948BC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FDEE04C-0231-42F7-9736-EB3B7A020E50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:network_analysis_module:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD82BCCE-F68A-48A5-B484-98D9C3024E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:wireless_control_system:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFF3680D-50CB-4854-84B8-34129DDB2A2A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en (1) PreSearch.html y (2) PreSearch.class en Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks y productos relacionados, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), y Wireless Control System (WCS) permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de campos de texto de un formulario de b\u00fasqueda."
    }
  ],
  "id": "CVE-2007-1467",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-03-16T21:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/24499"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/2437"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/462932/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/462944/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/22982"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017778"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/0973"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24499"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/2437"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/462932/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/462944/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/22982"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017778"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0973"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33024"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.