The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2006-04-07 10:04
Updated : 2024-02-28 10:42
NVD link : CVE-2006-1672
Mitre link : CVE-2006-1672
CVE.ORG link : CVE-2006-1672
JSON object : View
Products Affected
cisco
- ons_15454_mspp
- ons_15310-cl_series
- ons_15600
- transport_controller
- optical_networking_systems_software
CWE