|
|
CVE Reference: CVE-2006-1672 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-1672 |
|
|
Description: The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/25647 ST 1015871 SAID Secunia Advisory: SA19553 OSVDB 24438 CISCO http://www.cisco.com/warp/public/707/cisco-sa-20060405-ons.shtml BID 17384 |
|
| Return to the previous page. |
