CVE-2009-1201
Published 2009-06-25
Priority P429 · medium · 4.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
EXPLOIT
EPSS: 8.83% (94.5th percentile)
Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN['process'] to the name of a crafted function, aka Bug ID CSCsy80694.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | adaptive_security_appliance | — | — |
| cisco | adaptive_security_appliance | — | — |
| cisco | adaptive_security_appliance | — | — |
CVSS provenance
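| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| vendor_cisco | — | 4.3 | MEDIUM | — |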
Cisco
Cisco ASA Adaptive Security Appliance Clientless SSL VPN DOM Cross-Site Scripting Vulnerability
vendor_cisco · 2009-06-24 · CVSS 4.3 [MEDIUM] · CVE-2009-1201
Cisco ASA Adaptive Security Appliance Software versions prior to 8.0.4(34), 8.1.2(25), and 8.2.1(3) that are configured to accept Clientless SSL VPN connections are affected by a cross-site scripting vulnerability. Versions 7.x are not affected.
The vulnerability is due to insufficient restrictions on access to the JavaScript-based Document Object Model (DOM) that the SSL VPN feature of Cisco ASA uses when clients browse web pages using the VPN web portal. If an unauthenticated, remote attacker can convince a user to visit a malicious page while the user is logged in to the secure portal, the attacker could execute arbitrary script or HTML code in the security context of the affected site.
Cisc
GHSA
GHSA-6wmj-w48w-cqh5: Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte
ghsa_unreviewed · 2022-05-02 · CVE-2009-1201 [MEDIUM] · CWE-79
Suricata
ET WEB_SERVER Possible Cisco ASA Appliance Clientless SSL VPN HTML Rewriting Security Bypass Attempt/Cross Site Scripting Attempt
suricata · 2010-07-30 · CVE-2009-1201
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER Possible Cisco ASA Appliance Clientless SSL VPN HTML Rewriting Security Bypass Attempt/Cross Site Scripting Attempt"; flow:established,to_client; file.data; content:"CSCO_WebVPN"; fast_pattern; nocase; content:"csco_wrap_js"; within:100; nocase; reference:url,tools.cisco.com/security/center/viewAlert.x?alertId=18442; reference:url,www.securityfocus.com/archive/1/504516; reference:url,www.securityfocus.com/bid/35476; reference:cve,2009-1201; reference:cve,2009-1202; classtype:web-application-attack; sid:2010730; rev:6; metadata:affected_product Web_Server_Applications, attack_target Web_Serv
Bugzilla
CVE-2009-2690 OpenJDK private variable information disclosure (6777487)
bugzilla · 2009-07-22 · CVSS 5.0 [MEDIUM]
An information disclosure flaw was found in the way private Java variables were handled. An untrusted applet or application could use this flaw to obtain information from variables that would otherwise be private.
http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:1200 https://rhn.redhat.com/errata/RHSA-2009-1200.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2009:1201 https://rhn.redhat.com/errata/RHSA-2009-1201.html
---
java-1.6.0-openjdk-1.6.0.0-27.b16.fc11 has been pushed to the Fedora 11 stable reposit
Bugzilla
CVE-2009-2476 OpenJDK OpenType checks can be bypassed (6736293)
bugzilla · 2009-07-22 · CVSS 10.0 [CRITICAL]
It was discovered that OpenType checks can be bypassed. This could allow a
rogue application to bypass access restrictions by acquiring references to
privileged objects through finalizer resurrection.
http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:1200 https://rhn.redhat.com/errata/RHSA-2009-1200.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2009:1201 https://rhn.redhat.com/errata/RHSA-2009-1201.html
---
java-1.6.0-openjdk-1.6.0.0-27.b16.fc11 has been pushed to the Fedora 11 stable repository. If problems stil
Bugzilla
CVE-2009-2689 OpenJDK JDK13Services grants unnecessary privileges (6777448)
bugzilla · 2009-07-22 · CVSS 10.0 [CRITICAL]
It was discovered that JDK13Services grants unnecessary privileges to
certain object types. This could be misused by an untrusted applet or
application to use otherwise restricted functionality.
http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:1199 https://rhn.redhat.com/errata/RHSA-2009-1199.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2009:1201 https://rhn.redhat.com/errata/RHSA-2009-1201.html
---
java-1.6.0-openjdk-1.6.0.0-27.b16.fc11 has been pushed to the Fedora 11 stable repository. If problem
Bugzilla
CVE-2009-2670 OpenJDK Untrusted applet System properties access (6738524)
bugzilla · 2009-07-21 · CVSS 5.0 [MEDIUM]
A flaw was found in the JRE audio system. An untrusted applet or
application could use this flaw to gain read access to restricted System
properties.
http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:1199 https://rhn.redhat.com/errata/RHSA-2009-1199.html
---
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:1200 https://rhn.redhat.com/errata/RHSA-2009-1200.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2009:1201 https://rhn.redhat
Bugzilla
CVE-2009-2674 Java Web Start Buffer JPEG processing integer overflow (6823373)
bugzilla · 2009-07-21 · CVSS 7.5 [HIGH]
An integer overflow flaw was found in the way the JRE processes JPEG
images. An untrusted application could use this flaw to extend its
privileges, allowing it to read and write local files, as well as to
execute local applications with the privileges of the user running the
application.
http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2009:1200 https://rhn.redhat.com/errata/RHSA-2009-1200.html
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Via RHSA-2009:1201 https://rhn.redhat.com/errata/RHSA-2009-1201.html
---
java
http://secunia.com/advisories/35511
http://www.securityfocus.com/archive/1/504516/100/0/threaded
http://www.securityfocus.com/bid/35476
http://www.securitytracker.com/id?1022457
http://www.vupen.com/english/advisories/2009/1713
https://www.trustwave.com/spiderlabs/advisories/TWSL2009-002.txt