Cisco announced one new security update this evening.
Cisco confirmed that the Cisco CallManager web application firewall fails to properly validate some malicious tags. The vulnerability could allow a remote attacker to execute arbitrary code in another user’s web browser if the user follows a carefully crafted URL. Detailed information can be found on Cisco’s web site.
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!