Security Advisories
Responsible Disclosure Policy
As a network and application security consulting firm, we are constantly researching new ways to understand and exploit software products, anticipating new threats and developing countermeasures to protect our customers.
This policy describes how Conviso IT Security minimizes risk to our clients and to the market, and contributes to the security community, through responsible disclosure.
Security Advisories
Related Posts WordPress Plugin Cross Site Scripting Vulnerability | CVE-2011-0760
The WordPress Related Posts plugin, available at http://WordPress.org/extend/plugins/wp-related-posts/, shows the posts related to a given post. This advisory describes multiple Stored Cross Site Scripting (XSS) vulnerabilities and one Cross Site Request Forgery (CSRF) vulnerability in the plugin.
As a result, an attacker can gain access to sensitive page content, session cookies, and other information maintained by the web browser on behalf of the WordPress administrator, and can perform actions with administrative privileges.
- Status: No fix was available as of the publication date of this advisory.
Recaptcha WordPress Plugin Cross Site Scripting Vulnerability | CVE-2011-0759
This advisory describes multiple Stored Cross Site Scripting (XSS) vulnerabilities and one Cross Site Request Forgery (CSRF) vulnerability in the plugin. As a result, an attacker can gain access to sensitive page content, session cookies, and other information maintained by the browser on behalf of the WordPress administrator, and can perform actions with administrative privileges.
- Status: No fix was available as of the publication date of this advisory.
LiveZilla Cross Site Scripting Vulnerability | CVE-2010-4276
LiveZilla is an application from LiveZilla GmbH that provides live chat, monitors website visitors in real time and helps convert them into customers. LiveZilla is affected by Reflected Cross Site Scripting in server.php, in the “track” module, which calls a vulnerable JavaScript function.
- Status: LiveZilla released an update that fixes the vulnerability; check availability on their changelog page.
Embedded Video WordPress Plugin Cross Site Scripting Vulnerability | CVE-2010-4277
Embedded Video is a WordPress plugin created by Jovel Stefan to easily embed videos in blog posts. The videos can be uploaded to the web server or come from external portals (such as YouTube, Google Video and others), and links to the video on the portal, or for downloading the video, can be generated automatically as well. The plugin has a Cross Site Scripting (XSS) vulnerability.
- Status: There will be no update, as this component is no longer maintained.
Spree e-commerce JSON Hijacking Vulnerabilities | CVE-2010-3978
This advisory describes vulnerabilities in Spree, an open source e-commerce platform written for the Ruby on Rails framework. There are multiple JSON Hijacking vulnerabilities; as a result, an attacker can steal confidential information such as product costs, prices and quantities, users' email addresses, encrypted passwords, tokens, OpenID identifiers, phone numbers and addresses, as well as order counts and values by period.
- Status: Vendor notified on October 1, 2010; version 0.11.2, containing the fix, became available on November 2, 2010.
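The JSON hijacking pattern behind the Spree advisory, as an added example that is not part of the original advisory and is not Spree's own code or its fix: a GET endpoint that answers any cookie-bearing request with a bare top-level JSON array can be loaded cross-origin with a script tag, and browsers of that era let the attacker's page capture the array contents through an overridden Array constructor or Object.prototype setter. The product records, endpoint names and headers below are constructed for illustration. The hardened handler shows three generic mitigations that each break that attack: requiring a custom request header that a script tag cannot send, returning an object rather than a bare array, and prepending an unparseable prefix that the legitimate client strips.

```ruby
require 'json'

# Constructed sample records standing in for the kind of data the advisory
# lists (cost price, price, stock); not real Spree data.
PRODUCTS = [
  { 'id' => 1, 'name' => 'Widget', 'cost_price' => 4.20, 'price' => 9.99, 'count_on_hand' => 120 },
  { 'id' => 2, 'name' => 'Gadget', 'cost_price' => 11.00, 'price' => 24.50, 'count_on_hand' => 7 }
].freeze

# Prefix that is a JavaScript syntax error, so the body cannot run as a script.
JSON_PREFIX = ")]}',\n".freeze

# Vulnerable handler (hypothetical): any GET gets a bare JSON array back.
# A bare array is a valid JavaScript expression statement, so
# <script src="https://shop.example/admin/products.json"> on an attacker
# page evaluates it with the victim's session cookie attached.
def vulnerable_products_json(_request)
  [200, { 'Content-Type' => 'application/json' }, JSON.generate(PRODUCTS)]
end

# Hardened handler (hypothetical) with three independent controls:
#  1. refuse requests lacking X-Requested-With, a header a <script> tag
#     cannot set (a CSRF token in the request works equally well);
#  2. wrap the data in an object so the body is not a bare array;
#  3. prepend JSON_PREFIX so the body is unparseable as JavaScript.
def hardened_products_json(request)
  unless request[:headers]['X-Requested-With'] == 'XMLHttpRequest'
    return [403, { 'Content-Type' => 'text/plain' }, 'JSON endpoints require XMLHttpRequest']
  end
  body = JSON_PREFIX + JSON.generate({ 'products' => PRODUCTS })
  [200, { 'Content-Type' => 'application/json' }, body]
end

# Client-side counterpart: the legitimate XHR caller strips the prefix,
# and refuses bodies that do not carry it.
def parse_protected_json(body)
  raise ArgumentError, 'missing anti-hijacking prefix' unless body.start_with?(JSON_PREFIX)
  JSON.parse(body[JSON_PREFIX.length..-1])
end

# Heuristic: would this body evaluate as a JavaScript program when loaded by
# a <script> tag? A bare array does; an object literal or a prefixed body
# is a syntax error.
def loadable_as_script?(body)
  body.lstrip.start_with?('[')
end

# Constructed requests: what a cross-origin <script src> fetch looks like
# (cookies, no custom headers) versus the site's own XHR call.
SCRIPT_TAG_REQUEST = { method: 'GET', headers: { 'Cookie' => '_session_id=abc123' } }.freeze
XHR_REQUEST = { method: 'GET',
                headers: { 'Cookie' => '_session_id=abc123',
                           'X-Requested-With' => 'XMLHttpRequest' } }.freeze

if __FILE__ == $PROGRAM_NAME
  status, _, body = vulnerable_products_json(SCRIPT_TAG_REQUEST)
  puts "vulnerable: #{status}, runs as script? #{loadable_as_script?(body)}"
  status, _, body = hardened_products_json(SCRIPT_TAG_REQUEST)
  puts "hardened, script-tag fetch: #{status} #{body}"
  status, _, body = hardened_products_json(XHR_REQUEST)
  puts "hardened, XHR fetch: #{status}, runs as script? #{loadable_as_script?(body)}"
  puts "client parsed #{parse_protected_json(body)['products'].length} products"
end
```

Any one of the three controls defeats the script-tag load; they are stacked here because they fail independently (a misconfigured CORS policy, for instance, can undermine the header check alone).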
cform WordPress Plugin V 11.5 | CVE-2010-3977
This advisory describes an issue in the file lib_ajax.php in version 11.5, which builds a data array from all values submitted in the form's fields on a POST request. Since the rs and rsargs parameters are not validated, it is possible to inject malformed data, such as JavaScript.
- Status: Vendor notified on July 24, 2010; version 11.6.1, containing the fix, became available on August 22, 2010.
24/7 Real Media’s Open AdStream V.5.7 | CVE-2010-1582
This advisory describes a vulnerability in the permissions of the RealMedia directory, created by default during installation of Open AdStream, an ad campaign management platform from 24/7 Real Media. The directory exposes the configuration files directly to the Internet, including a .sql file that contains access credentials.
As a result, an attacker can use this flaw to install a backdoor or take ownership of the affected component, since he or she has access to all configuration files and access credentials.
- Status: Vendor notified on January 14, 2010.