exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Opoint Media Intelligence Open Redirect

Opoint Media Intelligence Open Redirect
Posted Apr 16, 2015
Authored by Jing Wang

Opoint Media Intelligence suffers from an open redirect vulnerability.

tags | exploit
SHA-256 | 97726adab38a15cdc9d6396ef6393518664b286821d2b8b6a2235a7c8ff95f2c

Opoint Media Intelligence Open Redirect

Change Mirror Download
*Opoint Media Intelligence Unvalidated Redirects and Forwards (URL
Redirection) Security Vulnerabilities*


Exploit Title: Opoint Media Intelligence click.php? &noblink parameter URL
Redirection Security Vulnerabilities
Vendor: Opoint
Product: Opoint Media Intelligence
Vulnerable Versions:
Tested Version:
Advisory Publication: April 14, 2015
Latest Update: April 14, 2015
Vulnerability Type: URL Redirection to Untrusted Site ('Open Redirect')
[CWE-601]
CVE Reference: *
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 5.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:N) (legend)
Impact Subscore: 4.9
Exploitability Subscore: 8.6
Discover and Writer: Wang Jing [Mathematics, Nanyang Technological
University (NTU), Singapore]







*Suggestion Details:*


*(1) Vendor & Product Description:*


*Vendor:*
Opoint



*Product & Vulnerable Version:*
Opoint Media Intelligence



*Vendor URL & Download*:
Opoint Media Intelligence can be got from here,
http://www.opoint.com/index.php?page=home




*Product Introduction Overview:*
"Today, some libraries want to enhance their online presence in ways that
go beyond the traditional OPAC and the "library portal" model to better
integrate the latest Web functionality. With Opoint Media Intelligence,
libraries will be able to take advantage of the latest Web technologies and
engage Web-savvy users more effectively than ever before. Opoint Media
Intelligence is a complete update of the Web OPAC interface"

"Opoint Media Intelligence breaks through the functional and design
limitations of the traditional online catalog. Its solid technology
framework supports tools for patron access such as Spell Check; integrated
Really Simple Syndication (RSS) feeds; a suite of products for seamless
Campus Computing; and deep control over information content and
presentation with Cascading Style Sheets (CSS). Opoint Media Intelligence
is also a platform for participation when integrated with Innovative's
Patron Ratings features and Community Reviews product. What's more, with
Opoint Media Intelligence's RightResult™ search technology, the most
relevant materials display at the top so patrons get to the specific items
or topics they want to explore immediately. Opoint Media Intelligence can
also interconnect with Innovative's discovery services platform, Encore.
And for elegant access through Blackberry® Storm™ or iPhone™, the AirPAC
provides catalog searching, item requesting, and more."





*(2) Vulnerability Details:*
Opoint Media Intelligence web application has a security bug problem. It
can be exploited by Unvalidated Redirects and Forwards (URL Redirection)
attacks. This could allow a user to create a specially crafted URL, that if
clicked, would redirect a victim from the intended legitimate web site to
an arbitrary web site of the attacker's choosing. Such attacks are useful
as the crafted URL initially appear to be a web page of a trusted site.
This could be leveraged to direct an unsuspecting user to a web page
containing attacks that target client side software such as a web browser
or document rendering programs.

Other Opoint products 0day vulnerabilities have been found by some other
bug hunter researchers before. Opoint has patched some of them. Web
Security Watch is an aggregator of security reports coming from various
sources. It aims to provide a single point of tracking for all publicly
disclosed security issues that matter. "Its unique tagging system enables
you to see a relevant set of tags associated with each security alert for a
quick overview of the affected products. What's more, you can now subscribe
to an RSS feed containing the specific tags that you are interested in -
you will then only receive alerts related to those tags." It has published
suggestions, advisories, solutions details related to Open Redirect
vulnerabilities.



*(2.1)* The first code programming flaw occurs at "func/click.php?" page
with "&noblink" parameter.







*References:*
http://tetraph.com/security/open-redirect/opoint-media-intelligence-unvalidated-redirects-and-forwards/
http://securityrelated.blogspot.com/2015/04/opoint-media-intelligence-unvalidated.html
http://www.inzeed.com/kaleidoscope/computer-web-security/opoint-media-intelligence-open-redirect/
http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/opoint-media-intelligence-open-redirect/
https://computerpitch.wordpress.com/2015/04/14/opoint-media-intelligence-open-redirect/
http://www.iedb.ir/author-Wang%20Jing.html
http://www.websecuritywatch.com/open-redirect-vulnerability-in-wordpress-newsletter-2-6-x-2-5-x/
http://lists.openwall.net/full-disclosure/2015/03/02/7
http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1646





--
Wang Jing,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.
http://www.tetraph.com/wangjing/
https://twitter.com/justqdjing


Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close