J-Security Center

Title: Business Objects WebIntelligence Remote File Name HTML Injection Vulnerability

Severity: MODERATE

Description:

Business Objects WebIntelligence is a proprietary Web query, reporting, and analysis application. It is commercially available for Unix and Unix-variant operating systems as well as Microsoft Windows.

Reportedly, Business Objects WebIntelligence is affected by a remote file name HTML injection vulnerability. This issue is due to a failure of the application to sanitize file names prior to including them in dynamic web page content.

The problem is reported to present itself when a malicious file is uploaded to the server. An authenticated user may upload a file with a name containing HTML and script code. When an unsuspecting user browses to the file-listing page, the file name is displayed within the page without sanitization.

An attacker may leverage this issue to execute arbitrary HTML and script code in the browser of an unsuspecting user, facilitating theft of cookie-based authentication credentials. Other attacks are also possible.
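The failure described above is a stored cross-site scripting pattern: an untrusted value (the uploaded file name) is concatenated into the file-listing page without output encoding. The following added example, which is not code from the advisory or from the Business Objects product, shows the vulnerable rendering pattern beside a hardened version that HTML-entity-encodes every file name, plus an upload-time allow-list as a second layer and a check a reviewer can run to confirm no raw markup survives. The file names and the listing markup are constructed for the example; `render_listing_unsafe`, `render_listing_safe`, `is_acceptable_upload_name` and `contains_raw_markup` are hypothetical helpers, not product APIs.

```python
import html
import re

# Constructed sample file names as they might appear in an upload listing.
# The last one carries markup in its name; the listing must neutralize it.
SAMPLE_FILE_NAMES = [
    "q1_sales.rep",
    "budget 2004.wid",
    "<script>alert(1)</script>.rep",
]


def render_listing_unsafe(file_names):
    """Vulnerable pattern: file names are concatenated straight into HTML.

    This mirrors the flaw in the advisory: whatever the uploader named the
    file is emitted verbatim, so markup in the name is interpreted by the
    browser of anyone who views the listing.
    """
    rows = "".join(f"<li>{name}</li>" for name in file_names)
    return f"<ul>{rows}</ul>"


def render_listing_safe(file_names):
    """Hardened pattern: every untrusted value is entity-encoded before
    it is placed in HTML text content.

    html.escape turns <, >, & and (with quote=True) both quote characters
    into entities, so the name is displayed as text, never parsed as markup.
    """
    rows = "".join(
        f"<li>{html.escape(name, quote=True)}</li>" for name in file_names
    )
    return f"<ul>{rows}</ul>"


# Defence in depth: a conservative allow-list applied when the file is
# uploaded. Output encoding at render time remains the primary control;
# this only narrows what reaches storage in the first place.
ALLOWED_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9 ._-]{0,254}$")


def is_acceptable_upload_name(name):
    """Return True only for names made of letters, digits, space, dot,
    underscore and hyphen, 1..255 characters, not starting with punctuation."""
    return bool(ALLOWED_NAME.fullmatch(name))


def contains_raw_markup(rendered, file_names):
    """Review check: True if any file name containing '<' or '>' appears
    verbatim (unencoded) in the rendered page."""
    return any(
        ("<" in name or ">" in name) and name in rendered
        for name in file_names
    )


if __name__ == "__main__":
    unsafe = render_listing_unsafe(SAMPLE_FILE_NAMES)
    safe = render_listing_safe(SAMPLE_FILE_NAMES)
    print("unsafe listing leaks markup:", contains_raw_markup(unsafe, SAMPLE_FILE_NAMES))
    print("safe listing leaks markup:  ", contains_raw_markup(safe, SAMPLE_FILE_NAMES))
    for name in SAMPLE_FILE_NAMES:
        print(f"{name!r:40} accepted at upload: {is_acceptable_upload_name(name)}")
```

Encoding at the point of output is the fix that actually closes the issue, because it is applied regardless of how the name reached storage (an earlier version, a direct database edit, a different upload path). The allow-list is worth adding but is a trade-off: it rejects legitimate non-ASCII names, so it should be tuned to the deployment rather than relied on alone.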

Affected Products:

  • Business Objects InfoView 5.1.4
  • Business Objects InfoView 5.1.5
  • Business Objects InfoView 5.1.6
  • Business Objects InfoView 5.1.7
  • Business Objects InfoView 5.1.8
  • Business Objects WebIntelligence 2.7.0
  • Business Objects WebIntelligence 2.7.1
  • Business Objects WebIntelligence 2.7.2
  • Business Objects WebIntelligence 2.7.3
  • Business Objects WebIntelligence 2.7.4

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.