Security Lab

Cross-site scripting in Sun Java System Web Server / Web Proxy Server

Published: 25.12.2007
Modified: 27.01.2008
Severity: Low
Fix available: Yes
Number of vulnerabilities: 1
CVE ID: No data
Attack vector: Remote
Impact: Cross-site scripting
CWE ID: No data
Exploit available: No data
Vulnerable products: Sun Java System Web Server (Sun ONE/iPlanet) 6.x
Sun Java System Web Proxy Server 3.x
Sun Java System Web Proxy Server 4.x
Sun Java System Web Server 7.x
Vulnerable versions:
Sun Java System Web Proxy Server 3.x
Sun Java System Web Proxy Server 4.x
Sun Java System Web Server (Sun ONE/iPlanet) 6.x
Sun Java System Web Server 7.x

Description:
The vulnerability allows a remote user to conduct an XSS attack.

The vulnerability exists due to insufficient handling of input data. A remote user can use a specially crafted request to execute arbitrary script code in the victim's browser in the security context of the vulnerable site.

Vendor URL: www.sun.com

Solution: Install the fix from the vendor's website.

-- SPARC Platform --
* Sun Java System Web Server 6.1 with Service Pack 8 or later
http://www.sun.com/download/products.xml?id=4694392a

* Sun Java System Web Server 6.1 with patch 116648-20 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-116648-20-1

* Sun Java System Web Server 7.0 with Update 1 or later
http://www.sun.com/download/products.xml?id=467713d6

* Sun Java System Web Server 7.0 with patch 125437-07 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-125437-07-1

* Sun Java System Web Proxy Server 3.6 Service Pack 11 or later
http://www.sun.com/download/products.xml?id=472a622f

* Sun Java System Web Proxy Server 4.0.6 or later
http://www.sun.com/download/products.xml?id=4701e042

* Sun Java System Web Proxy Server 4.0 with patch 120981-13 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-120981-13-1


-- x86 Platform --
* Sun Java System Web Server 6.1 with Service Pack 8 or later
http://www.sun.com/download/products.xml?id=4694392a

* Sun Java System Web Server 6.1 with patch 116649-20 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-116649-20-1

* Sun Java System Web Server 7.0 with Update 1 or later
http://www.sun.com/download/products.xml?id=467713d6

* Sun Java System Web Server 7.0 with patch 125438-07 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-125438-07-1

* Sun Java System Web Proxy Server 4.0.6 or later
http://www.sun.com/download/products.xml?id=4701e042

* Sun Java System Web Proxy Server 4.0 with patch 120982-13 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-120982-13-1


-- Linux --
* Sun Java System Web Server 6.1 with Service Pack 8 or later
http://www.sun.com/download/products.xml?id=4694392a

* Sun Java System Web Server 6.1 with patch 118202-12 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-118202-12-1

* Sun Java System Web Server 7.0 with Update 1 or later
http://www.sun.com/download/products.xml?id=467713d6

* Sun Java System Web Server 7.0 with patch 125439-07 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-125439-07-1

* Sun Java System Web Proxy Server 4.0.6 or later
http://www.sun.com/download/products.xml?id=4701e042

* Sun Java System Web Proxy Server 4.0 with patch 120983-13 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-120983-13-1


-- Windows --
* Sun Java System Web Server 6.1 with Service Pack 8 or later
http://www.sun.com/download/products.xml?id=4694392a

* Sun Java System Web Server 6.1 with patch 121524-04 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-121524-04-1

* Sun Java System Web Server 7.0 with Update 1 or later
http://www.sun.com/download/products.xml?id=467713d6

* Sun Java System Web Server 7.0 with patch 125441-06 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-125441-06-1

* Sun Java System Web Proxy Server 3.6 Service Pack 11 or later
http://www.sun.com/download/products.xml?id=472a622f

* Sun Java System Web Proxy Server 4.0.6 or later
http://www.sun.com/download/products.xml?id=4701e042


-- HP-UX --
* Sun Java System Web Server 6.1 with Service Pack 8 or later
http://www.sun.com/download/products.xml?id=4694392a

* Sun Java System Web Server 6.1 with patch 121510-04 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-121510-04-1

* Sun Java System Web Server 7.0 with Update 1 or later
http://www.sun.com/download/products.xml?id=467713d6

* Sun Java System Web Server 7.0 with patch 125440-01 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-125440-01-1

* Sun Java System Web Proxy Server 3.6 Service Pack 11 or later
http://www.sun.com/download/products.xml?id=472a622f

* Sun Java System Web Proxy Server 4.0.6 or later
http://www.sun.com/download/products.xml?id=4701e042

* Sun Java System Web Proxy Server 4.0 with patch 123532-03 or later
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-123532-03-1


-- AIX --
* Sun Java System Web Server 6.1 with Service Pack 8 or later
http://www.sun.com/download/products.xml?id=4694392a

* Sun Java System Web Proxy Server 3.6 Service Pack 11 or later
http://www.sun.com/download/products.xml?id=472a622f

References: Cross-site Scripting Vulnerability in Sun Java System Web Server and Web Proxy Server