CVE-2007-1467

LOW

3.5

CVSS Severity Score

EPSS Score0.1310%

EPSS Percentile4.64th

Published2007年3月16日

Last Modified2026年4月23日

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.

Affected Platforms (CPE)

📦

Cisco

Acs Solution Engine

= 4.1

📦

Cisco

Acs Solution Engine

= 4.1

📦

Cisco

Ciscoworks

All versions

📦

Cisco

Ip Communicator

All versions

📦

Cisco

Meetingplace

All versions

📦

Cisco

Security Device Manager

All versions

📦

Cisco

Unified Meetingplace

All versions

📦

Cisco

Unified Meetingplace Express

All versions

📦

Cisco

Unified Personal Communicator

All versions

📦

Cisco

Unified Video Advantage

All versions

📦

Cisco

Unified Videoconferencing

All versions

📦

Cisco

Unified Videoconferencing Manager

All versions

📦

Cisco

Vpn Client

= 3.5.1

📦

Cisco

Vpn Client

= 3.5.1

📦

Cisco

Vpn Client

= 3.5.2

📦

Cisco

Vpn Client

= 3.5.2

📦

Cisco

Vpn Client

= 3.5.2

📦

Cisco

Vpn Client

= 3.5.2b

📦

Cisco

Vpn Client

= 3.5.2b

📦

Cisco

Vpn Client

= 3.5.2b

📦

Cisco

Vpn Client

= 3.5.4

📦

Cisco

Vpn Client

= 3.5.4

📦

Cisco

Vpn Client

= 3.5.4

📦

Cisco

Vpn Client

= 3.6

📦

Cisco

Vpn Client

= 3.6

📦

Cisco

Vpn Client

= 3.6

📦

Cisco

Vpn Client

= 3.6.1

📦

Cisco

Vpn Client

= 3.6.1

📦

Cisco

Vpn Client

= 3.6.1

📦

Cisco

Vpn Client

= 4.0.2a

📦

Cisco

Vpn Client

= 4.0.2a

📦

Cisco

Vpn Client

= 4.0.2c

📦

Cisco

Vpn Client

= 4.0.2c

📦

Cisco

Vpn Client

= 4.8.1

📦

Cisco

Wan Manager

All versions

📦

Cisco

Wireless Lan Controllers

All versions

📦

Cisco

Wireless Lan Solution Engine

All versions

🔌

Cisco

Call Manager

All versions

🔌

Cisco

Network Analysis Module

All versions

🔌

Cisco

Wireless Control System

= 4.0

References & Advisories

🔗 http://secunia.com/advisories/24499

🔗 http://securityreason.com/securityalert/2437

🔗 http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html

🔗 http://www.securityfocus.com/archive/1/462932/100/0/threaded

🔗 http://www.securityfocus.com/archive/1/462944/100/0/threaded

🔗 http://www.securityfocus.com/bid/22982

🔗 http://www.securitytracker.com/id?1017778

🔗 http://www.vupen.com/english/advisories/2007/0973

Vulnerability Description

Affected Platforms (CPE)

Acs Solution Engine

Acs Solution Engine

Ciscoworks

Ip Communicator

Meetingplace

Security Device Manager

Unified Meetingplace

Unified Meetingplace Express

Unified Personal Communicator

Unified Video Advantage

Unified Videoconferencing

Unified Videoconferencing Manager

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Vpn Client

Wan Manager

Wireless Lan Controllers

Wireless Lan Solution Engine

Call Manager

Network Analysis Module

Wireless Control System

References & Advisories

相关漏洞威胁