Sun Java Web Proxy Server and Sun Java Web Server Multiple Cross-Site Scripting Vulnerabilities

Bugtraq ID: 26978
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Dec 21 2007 12:00AM
Updated: Dec 21 2007 09:01PM
Credit: Daiki Fukumori of Secure Sky Technology and JPCERT/CC are credited with the discovery of this vulnerability.
Vulnerable: Sun Java Web Proxy Server 4.0.5
Sun Java Web Proxy Server 4.0.4
Sun Java Web Proxy Server 4.0.3
Sun Java Web Proxy Server 4.0.2
Sun Java Web Proxy Server 3.6 SP8
Sun Java Web Proxy Server 3.6 SP7
Sun Java Web Proxy Server 3.6 SP6
Sun Java Web Proxy Server 3.6 SP5
Sun Java Web Proxy Server 3.6 SP4
Sun Java Web Proxy Server 3.6 SP3
Sun Java Web Proxy Server 3.6 SP2
Sun Java Web Proxy Server 3.6 SP1
Sun Java Web Proxy Server 3.6
Sun Java Web Proxy Server 4.0 SP1
Sun Java Web Proxy Server 4.0
Sun Java Web Proxy Server 3.6.0 SP9
Sun Java Web Proxy Server 3.6.0 SP10
Sun Java System Web Server 6.1 SP7
Sun Java System Web Server 6.1 SP6
Sun Java System Web Server 6.1 SP5
Sun Java System Web Server 6.1 SP4
Sun Java System Web Server 6.1 SP3
Sun Java System Web Server 6.1 SP2
Sun Java System Web Server 6.1 SP1
Sun Java System Web Server 6.1
Sun Java System Web Server 6.0 SP9
Sun Java System Web Server 6.0 SP10
Sun Java System Web Server 6.0 SP8
Sun Java System Web Server 6.0 SP7
Sun Java System Web Server 6.0 SP6
Sun Java System Web Server 6.0 SP5
Sun Java System Web Server 6.0 SP4
Sun Java System Web Server 6.0 SP3
Sun Java System Web Server 6.0 SP2
Sun Java System Web Server 6.0 SP1
Sun Java System Web Server 6.0
Sun Java System Web Server 7.0
Sun Java System Web Server 6.1
Not Vulnerable: Sun Java Web Proxy Server 4.0.6
Sun Java Web Proxy Server 3.6.0 SP11
Sun Java System Web Server 6.1 SP8
Sun Java System Web Server 7.0 Update 1


 

Privacy Statement
Copyright 2010, SecurityFocus