Cross-Site Scripting Vulnerability in Wrensoft Zoom Search Engine 09 October 2003
PDF version: http://www.sintelli.com/adv/sa-2003-02-zoomsearch.pdf
Background Zoom is a package that adds search facilities to your website and produces fast search results by indexing your website in advance. Unlike other solutions relying on server-side software, Zoom allows you to do this from the convenience of your own Windows computer.
More information about the product is available here: http://www.wrensoft.com/zoom/index.html
Description The Zoom Search engine does not properly filter user supplied input when displaying the search results. This issue allows remote attacker to inject malicious code in the target system. All the code will be executed within the context of the website. An example of such an attack is
In order for the attack to work a user must click on one of these specially crafted URLs, which can be sent by email to the user, or by the using clicking on a link.
Impact It is possible for an attacker to retrieve information from a user's system.
Versions affected Version 2.0 - Build: 1018 (Earlier builds may be vulnerable)
Solution Upgrade to Build 1019. This can be downloaded from http://www.wrensoft.com/ftp/zoomsearch.exe
Vulnerability History 30 Sep 2003 Identified by Ezhilan of Sintelli 01 Oct 2003 Issue disclosed to Wrensoft 02 Oct 2003 Second notification to Wrensoft 02 Oct 2003 Vulnerability confirmed by Raymond Leung of Wrensoft. 08 Oct 2003 Sintelli informed of fix Wrensoft 08 Oct 2003 Sintelli confirms vulnerability has been addressed 08 Oct 2003 Build 1019 available 09 Oct 2003 Sintelli Public Disclosure
Credit Ezhilan of Sintelli discovered this vulnerability.
About Sintelli: Sintelli is the world's largest provider of security intelligence solutions. Sintelli is the definitive source for IT Security intelligence and is a provider of third generation intelligence security solutions.
Request a free trial of our alerting solution by clicking here http://www.sintelli.com/free-trial.htm
Copyright 2003 Sintelli Limited. All rights reserved. www.sintelli.com
Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html