Computer Security Global Security Mag Online anti virus spywares job oofers telecom and network security

INTERNATIONAL
 Security Vulnerability

GS Mag n°12
Next Issues
Subscriptions
Publicity

Google

 Flux RSS
 












Nous gérons le fil d'information de l'officiel du bateau : bateau occasion
 
Vigil@nce: Sun Java Web Console, Cross Site Scripting
July 2009  by Vigil@nce

An attacker can generate a Cross Site Scripting in Sun Java Web Console in order to execute JavaScript code with privileges of the administrator connected to the web site.

- Severity: 2/4
- Consequences: client access/rights
- Provenance: document
- Means of attack: no proof of concept, no attack
- Ability of attacker: expert (4/4)
- Confidence: confirmed by the editor (5/5)
- Diffusion of the vulnerable configuration: high (3/3)
- Creation date: 29/06/2009

IMPACTED PRODUCTS

- Sun Solaris
- Sun Trusted Solaris

DESCRIPTION OF THE VULNERABILITY

The Sun Java Web Console is used to administer Sun applications via a web browser.

A Cross Site Scripting was announced in Sun Java Web Console. Technical details are unknown.

An attacker can therefore generate a Cross Site Scripting in Sun Java Web Console in order to execute JavaScript code with privileges of the administrator connected to the web site.

CHARACTERISTICS

- Identifiers: 262428, 6763558, BID-35513, VIGILANCE-VUL-8829
- Url: http://vigilance.fr/vulnerability/Sun-Java-Web-Console-Cross-Site-Scripting-8829

< previous      next >














home mail ?
Home Contact About Prowebserenity

 
Stay informed with Global Security Mag newsletters
copyright® 2007 S.I.M. Publicité