SoftMaker Shop resultat.asp strSok Variable XSS

2006-02-03T04:03:22
ID OSVDB:22911
Type osvdb
Reporter Preben Nyløkken (preben@watchcom.no)
Modified 2006-02-03T04:03:22

Description

Vulnerability Description

SoftMaker Shop contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'strSok' variable upon submission to the 'resultat.asp' script. This could allow a user to create a specially crafted URL that would execute arbitrary script in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
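The flaw described above, as an added example that is not part of the OSVDB record and not SoftMaker Shop's own code: a search results page written as a Node.js module in the style of a classic ASP page, with the unencoded reflection of the search term beside the hardened form. The standard remediation for a reflected parameter is to encode it on output (Server.HTMLEncode in classic ASP); that the real resultat.asp echoes strSok back into the page, the function names and the HTML layout are assumptions for illustration.

```javascript
// Added example, not from the advisory or the vendor's code base.
// Assumed: resultat.asp reflects the strSok query parameter into its HTML.

// Minimal HTML entity encoder with the same effect as classic ASP's
// Server.HTMLEncode for the characters that matter in an HTML text context.
// '&' is encoded first so already-encoded output is not double-encoded oddly.
function htmlEncode(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Reads strSok from a query string the way Request.QueryString("strSok") would.
function getStrSok(queryString) {
  const params = new URLSearchParams(queryString);
  return params.get('strSok') || '';
}

// VULNERABLE pattern: the search term is written straight into the markup,
// so whatever the URL carried becomes part of the page the browser parses.
function renderResultsUnsafe(queryString) {
  const strSok = getStrSok(queryString);
  return '<h1>Search results</h1><p>You searched for: ' + strSok + '</p>';
}

// HARDENED pattern: every reflection of user input goes through htmlEncode,
// so any markup in the term is displayed as text instead of being parsed.
function renderResultsSafe(queryString) {
  const strSok = getStrSok(queryString);
  return '<h1>Search results</h1><p>You searched for: ' + htmlEncode(strSok) + '</p>';
}

// Review check: does input containing HTML metacharacters survive verbatim
// into the rendered page? True means the page reflects raw markup.
function reflectsRawMarkup(html, input) {
  return /[<>"']/.test(input) && html.includes(input);
}

// Constructed sample query string with harmless markup in the search term.
const sampleQuery = 'strSok=<b>shoes</b>&page=1';
console.log('unsafe:', renderResultsUnsafe(sampleQuery));
console.log('safe:  ', renderResultsSafe(sampleQuery));
```

The reflectsRawMarkup check is the kind of assertion worth keeping in a test suite for every page that echoes a query parameter: it flags the vulnerable renderer and passes the encoded one.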

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

http://[target]/shop/handle/varer/sok/resultat.asp?strSok=[code]

References:

Vendor URL: http://www.softmaker.no/detail.aspx?catID=524&artID=2167
Secunia Advisory ID: 18683
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0017.html
ISS X-Force ID: 24451
FrSIRT Advisory: ADV-2006-0434
CVE: CVE-2006-0532
Bugtraq ID: 16471