Sign-up

ID

VAR-200705-0404


CVE

CVE-2007-2680


TITLE

Canon Network Camera Server VB100 Series vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2007-000301

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Exploiting this issue may help the attacker steal cookie-based authentication credentials and launch other attacks. ---------------------------------------------------------------------- Secunia customers receive relevant and filtered advisories. Delivery is done via different channels including SMS, Email, Web, and https based XML feed. Input passed to certain parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Update to the latest firmware versions. VB100 V3.0 R71: http://cweb.canon.jp/drv-upd/webview/vb100farm.html VB101 V3.0 R71: http://cweb.canon.jp/drv-upd/webview/vb101farm.html VB150 V1.1 R41: http://cweb.canon.jp/drv-upd/webview/vb150farm.html PROVIDED AND/OR DISCOVERED BY: Reported in a JVN repository. ORIGINAL ADVISORY: Canon: http://cweb.canon.jp/drv-upd/webview/notification.html OTHER REFERENCES: JVN#06735665: http://jvn.jp/jp/JVN%2306735665/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-2680 // JVNDB: JVNDB-2007-000301 // BID: 23560 // VULHUB: VHN-26042 // PACKETSTORM: 56086

AFFECTED PRODUCTS

vendor:canonmodel:network camera server vb150scope:eqversion:1.1

Trust: 1.6

vendor:canonmodel:network camera server vb100scope:eqversion:3.0

Trust: 1.6

vendor:canonmodel:network camera server vb101scope:eqversion:3.0

Trust: 1.6

vendor:canonmodel:network camera serverscope:lteversion:vb100 and vb101 firmware ver. 3.0 rev.69

Trust: 0.8

vendor:canonmodel:network camera serverscope:lteversion:vb150 firmware ver. 1.1 rev.39

Trust: 0.8

vendor:canonmodel:network camera server vb150 firm r39scope:eqversion:v1.1

Trust: 0.3

vendor:canonmodel:network camera server vb101 firm r69scope:eqversion:v3.0

Trust: 0.3

vendor:canonmodel:network camera server vb100 firm r69scope:eqversion:v3.0

Trust: 0.3

vendor:canonmodel:network camera server vb150 firm r41scope:neversion:v1.1

Trust: 0.3

vendor:canonmodel:network camera server vb101 firm r71scope:neversion:v3.0

Trust: 0.3

vendor:canonmodel:network camera server vb100 firm r71scope:neversion:v3.0

Trust: 0.3

sources: BID: 23560 // JVNDB: JVNDB-2007-000301 // CNNVD: CNNVD-200705-282 // NVD: CVE-2007-2680

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-2680
value: MEDIUM

Trust: 1.0

IPA: JVNDB-2007-000301
value: LOW

Trust: 0.8

CNNVD: CNNVD-200705-282
value: MEDIUM

Trust: 0.6

VULHUB: VHN-26042
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2007-2680
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2007-000301
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-26042
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-26042 // JVNDB: JVNDB-2007-000301 // CNNVD: CNNVD-200705-282 // NVD: CVE-2007-2680

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-2680

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200705-282

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 56086 // CNNVD: CNNVD-200705-282

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-000301

PATCH
title:2007/4/19url:http://cweb.canon.jp/drv-upd/webview/notification.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-000301

EXTERNAL IDS
db:SECUNIAid:24940
Trust: 2.6
db:NVDid:CVE-2007-2680
Trust: 2.5
db:BIDid:23560
Trust: 2.0
db:OSVDBid:35019
Trust: 1.7
db:VUPENid:ADV-2007-1461
Trust: 1.7
db:JVNid:JVN06735665
Trust: 0.8
db:JVNDBid:JVNDB-2007-000301
Trust: 0.8
db:CNNVDid:CNNVD-200705-282
Trust: 0.7
db:JVNid:JVN#06735665
Trust: 0.6
db:VULHUBid:VHN-26042
Trust: 0.1
db:PACKETSTORMid:56086
Trust: 0.1
sources:
            
            
            VULHUB: VHN-26042 // 
            
            
            
            BID: 23560 // 
            
            
            
            JVNDB: JVNDB-2007-000301 // 
            
            
            
            PACKETSTORM: 56086 // 
            
            
            
            CNNVD: CNNVD-200705-282 // 
            
            
            
            NVD: CVE-2007-2680

REFERENCES
url:http://cweb.canon.jp/drv-upd/webview/notification.html
Trust: 2.1
url:http://jvn.jp/jp/jvn%2306735665/
Trust: 2.1
url:http://www.securityfocus.com/bid/23560
Trust: 1.7
url:http://osvdb.org/35019
Trust: 1.7
url:http://secunia.com/advisories/24940
Trust: 1.7
url:http://www.frsirt.com/english/advisories/2007/1461
Trust: 1.4
url:http://www.vupen.com/english/advisories/2007/1461
Trust: 1.1
url:http://secunia.com/advisories/24940/
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2680
Trust: 0.8
url:http://jvn.jp/en/jp/jvn06735665/index.html
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-2680
Trust: 0.8
url:http://cweb.canon.jp/drv-upd/webview/vb100farm.html
Trust: 0.4
url:http://cweb.canon.jp/drv-upd/webview/vb101farm.html
Trust: 0.4
url:http://cweb.canon.jp/drv-upd/webview/vb150farm.html
Trust: 0.4
url:http://www.canon.com/
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://corporate.secunia.com/trial/38/request/
Trust: 0.1
url:http://secunia.com/product/14000/
Trust: 0.1
url:http://secunia.com/product/14002/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/product/14001/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-26042 // 
            
            
            
            BID: 23560 // 
            
            
            
            JVNDB: JVNDB-2007-000301 // 
            
            
            
            PACKETSTORM: 56086 // 
            
            
            
            CNNVD: CNNVD-200705-282 // 
            
            
            
            NVD: CVE-2007-2680

CREDITS
JVN is credited with the discovery of this vulnerability.
Trust: 0.9
sources:
            
            
            BID: 23560 // 
            
            
            
            CNNVD: CNNVD-200705-282

SOURCES
db:VULHUBid:VHN-26042
db:BIDid:23560
db:JVNDBid:JVNDB-2007-000301
db:PACKETSTORMid:56086
db:CNNVDid:CNNVD-200705-282
db:NVDid:CVE-2007-2680

LAST UPDATE DATE
2024-11-23T22:09:54.228000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-26042date:2011-03-08T00:00:00
db:BIDid:23560date:2007-04-19T20:51:00
db:JVNDBid:JVNDB-2007-000301date:2008-05-21T00:00:00
db:CNNVDid:CNNVD-200705-282date:2007-06-14T00:00:00
db:NVDid:CVE-2007-2680date:2024-11-21T00:31:23.660

SOURCES RELEASE DATE
db:VULHUBid:VHN-26042date:2007-05-15T00:00:00
db:BIDid:23560date:2007-04-18T00:00:00
db:JVNDBid:JVNDB-2007-000301date:2008-05-21T00:00:00
db:PACKETSTORMid:56086date:2007-04-20T06:48:40
db:CNNVDid:CNNVD-200705-282date:2007-05-14T00:00:00
db:NVDid:CVE-2007-2680date:2007-05-15T00:19:00