Forum Index
Home Forum Radio Memberlist Help Search Quick Links

It appears you have not yet registered with our community which limits what you can do & see. It's Free To register, please click here.



Forum Index » Internet » Security Alerts and vulnerabilities » Sun Java System Server XSite Scripting
Register Calendar Gallery Mark Forums Read

Security Alerts and vulnerabilities Lets keep abreast on the latest threats by posting those findings here..

Reply
 
Thread Tools Display Modes
  #1  
Old 03-23-2005, 02:00 PM
Mobo's Avatar
Mobo Mobo is offline
Thinking outside the box
  
Join Date: Sep 2004
Location: Cape Breton
Posts: 4,587
Send a message via ICQ to Mobo Send a message via AIM to Mobo Send a message via MSN to Mobo Send a message via Yahoo to Mobo Send a message via Skype™ to Mobo
The vulnerability is caused due to an unspecified input validation error and can be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site.

The following versions are affected:
* Sun Java System Application Server Standard Edition 7 Update Release 5 and prior
* Sun Java System Application Server Platform Edition 7 Update Release 5 and prior
* Sun Java System Application Server 7 2004Q2 Standard Edition Update Release 1 and prior
* Sun Java System Application Server 7 2004Q2 Enterprise Edition Update Release 1 and prior

Solution:
The vendor has issued updated versions.

Sun Java System Application Server 7 Standard Edition Update 6:
http://www.sun.com/download/products.xml?id=41c239a4

Sun Java System Application Server 7 Platform Edition Update 6:
http://www.sun.com/download/products.xml?id=41c374e2

Sun Java System Application Server 7 2004Q2 Standard Edition Update 2:
http://www.sun.com/download/products.xml?id=41e32dfb

Sun Java System Application Server 7 2004Q2 Enterprise Edition Update 2:
https://osc-amer.sun.com/OSCSW/svcportal?pa...ame=clselection

Provided and/or discovered by:
Eric Hobbs, MagnaWare.

Original Advisory:
http://sunsolve.sun.com/search/document.do...ey=1-26-57742-1
Reply With Quote
Posted


Reply

  • Submit Thread to Digg Digg
  • Submit Thread to del.icio.us del.icio.us
  • Submit Thread to StumbleUpon StumbleUpon
  • Submit Thread to Google Google
    • Bookmarks

    « Previous Thread | Next Thread »
    Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
     
    Thread Tools
    Display Modes
    Linear Mode Linear Mode

    Posting Rules
    You may not post new threads
    You may not post replies
    You may not post attachments
    You may not edit your posts
    BB code is On
    Smilies are On
    [IMG] code is On
    HTML code is Off
    Forum Jump

    Similar Threads
    Thread Thread Starter Forum Replies Last Post
    Help With Virus Tspy_alemod.a PaulB1955 Spyware / Virus Removal 32 08-18-2005 07:12 PM
    Media Player Remote PNG for windows server Mobo Security Alerts and vulnerabilities 0 02-09-2005 02:13 PM
    Microsoft December security update Mobo News & Announcements 0 12-18-2004 08:30 AM
    Web Forums Server Multiple Vulnerabilities Mobo Security Alerts and vulnerabilities 0 11-03-2004 08:23 AM



    All times are GMT -5. The time now is 07:38 AM.

    Contact Us - CyberAnswers - Archive - Privacy Statement - Top

    Firefox 2