CVE-2007-1467
Summary
| CVE | CVE-2007-1467 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-03-16 21:19:00 UTC |
| Updated | 2018-10-16 16:38:00 UTC |
| Description | Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Acs Solution Engine | 4.1 | All | All | All |
| Application | Cisco | Acs Solution Engine | 4.1 | All | windows | All |
| Application | Cisco | Acs Solution Engine | 4.1 | All | All | All |
| Application | Cisco | Acs Solution Engine | 4.1 | All | windows | All |
| Hardware | Cisco | Call Manager | All | All | All | All |
| Hardware | Cisco | Call Manager | All | All | All | All |
| Application | Cisco | Ciscoworks | All | All | All | All |
| Application | Cisco | Ciscoworks | All | All | All | All |
| Application | Cisco | Ip Communicator | All | All | All | All |
| Application | Cisco | Ip Communicator | All | All | All | All |
| Application | Cisco | Meetingplace | All | All | All | All |
| Application | Cisco | Meetingplace | All | All | All | All |
| Hardware | Cisco | Network Analysis Module | All | All | All | All |
| Hardware | Cisco | Network Analysis Module | All | All | All | All |
| Application | Cisco | Security Device Manager | All | All | All | All |
| Application | Cisco | Security Device Manager | All | All | All | All |
| Application | Cisco | Unified Meetingplace | All | All | All | All |
| Application | Cisco | Unified Meetingplace | All | All | All | All |
| Application | Cisco | Unified Meetingplace Express | All | All | All | All |
| Application | Cisco | Unified Meetingplace Express | All | All | All | All |
| Application | Cisco | Unified Personal Communicator | All | All | All | All |
| Application | Cisco | Unified Personal Communicator | All | All | All | All |
| Application | Cisco | Unified Videoconferencing | All | All | All | All |
| Application | Cisco | Unified Videoconferencing | All | All | All | All |
| Application | Cisco | Unified Videoconferencing Manager | All | All | All | All |
| Application | Cisco | Unified Videoconferencing Manager | All | All | All | All |
| Application | Cisco | Unified Video Advantage | All | All | All | All |
| Application | Cisco | Unified Video Advantage | All | All | All | All |
| Application | Cisco | Vpn Client | 3.5.1 | All | linux | All |
| Application | Cisco | Vpn Client | 3.5.1 | All | solaris | All |
| Application | Cisco | Vpn Client | 3.5.2 | All | linux | All |
| Application | Cisco | Vpn Client | 3.5.2 | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 3.5.2 | All | solaris | All |
| Application | Cisco | Vpn Client | 3.5.2b | All | linux | All |
| Application | Cisco | Vpn Client | 3.5.2b | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 3.5.2b | All | solaris | All |
| Application | Cisco | Vpn Client | 3.5.4 | All | linux | All |
| Application | Cisco | Vpn Client | 3.5.4 | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 3.5.4 | All | solaris | All |
| Application | Cisco | Vpn Client | 3.6 | All | linux | All |
| Application | Cisco | Vpn Client | 3.6 | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 3.6 | All | solaris | All |
| Application | Cisco | Vpn Client | 3.6.1 | All | linux | All |
| Application | Cisco | Vpn Client | 3.6.1 | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 3.6.1 | All | solaris | All |
| Application | Cisco | Vpn Client | 4.0.2a | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 4.0.2a | All | solaris | All |
| Application | Cisco | Vpn Client | 4.0.2c | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 4.0.2c | All | solaris | All |
| Application | Cisco | Vpn Client | 4.8.1 | All | windows | All |
| Application | Cisco | Vpn Client | 3.5.1 | All | linux | All |
| Application | Cisco | Vpn Client | 3.5.1 | All | solaris | All |
| Application | Cisco | Vpn Client | 3.5.2 | All | linux | All |
| Application | Cisco | Vpn Client | 3.5.2 | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 3.5.2 | All | solaris | All |
| Application | Cisco | Vpn Client | 3.5.2b | All | linux | All |
| Application | Cisco | Vpn Client | 3.5.2b | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 3.5.2b | All | solaris | All |
| Application | Cisco | Vpn Client | 3.5.4 | All | linux | All |
| Application | Cisco | Vpn Client | 3.5.4 | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 3.5.4 | All | solaris | All |
| Application | Cisco | Vpn Client | 3.6 | All | linux | All |
| Application | Cisco | Vpn Client | 3.6 | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 3.6 | All | solaris | All |
| Application | Cisco | Vpn Client | 3.6.1 | All | linux | All |
| Application | Cisco | Vpn Client | 3.6.1 | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 3.6.1 | All | solaris | All |
| Application | Cisco | Vpn Client | 4.0.2a | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 4.0.2a | All | solaris | All |
| Application | Cisco | Vpn Client | 4.0.2c | All | mac_os_x | All |
| Application | Cisco | Vpn Client | 4.0.2c | All | solaris | All |
| Application | Cisco | Vpn Client | 4.8.1 | All | windows | All |
| Application | Cisco | Wan Manager | All | All | All | All |
| Application | Cisco | Wan Manager | All | All | All | All |
| Hardware | Cisco | Wireless Control System | 4.0 | All | All | All |
| Hardware | Cisco | Wireless Control System | 4.0 | All | All | All |
| Application | Cisco | Wireless Lan Controllers | All | All | All | All |
| Application | Cisco | Wireless Lan Controllers | All | All | All | All |
| Application | Cisco | Wireless Lan Solution Engine | All | All | All | All |
| Application | Cisco | Wireless Lan Solution Engine | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Cisco Security Response: Cross-Site Scripting Vulnerability in Online Help System [Products & Services] - Cisco Systems | CISCO | www.cisco.com | Vendor Advisory |
| Cisco Online Help System Input Validation Hole Permits Cross-Site Scripting Attacks Against Several Cisco Products - SecurityTracker | SECTRACK | www.securitytracker.com | |
| SecurityReason - XSS vulnerability in the online help system of several Cisco products | SREASON | securityreason.com | |
| Multiple Cisco Products Online Help Cross Site Scripting Vulnerability | BID | www.securityfocus.com | |
| Cisco Multiple Products Online Help System Cross-Site Scripting - Advisories - Secunia | SECUNIA | secunia.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.