Jetty Cross Site Scripting and Information Disclosure Vulnerabilities

Bugtraq ID: 34800
Class: Input Validation Error
CVE: CVE-2009-1523
CVE-2009-1524
Remote: Yes
Local: No
Published: May 04 2009 12:00AM
Updated: Mar 25 2014 12:56AM
Credit: Greg Wilkins and oakim Erdfelt
Vulnerable: VMWare Vcenter Update Manager 4.1
VMWare Vcenter Update Manager 4.0
VMWare Vcenter Update Manager 1.0
S.u.S.E. openSUSE 11.2
Red Hat Fedora 11
Oracle WebLogic Event Server 2.0
Oracle Complex Event Processing 10.3
Mandriva Linux Mandrake 2009.1 x86_64
Mandriva Linux Mandrake 2009.1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
Jetty Jetty 6.1.16
Jetty Jetty 6.1.7
Jetty Jetty 6.0.2
Jetty Jetty 6.0.1
Jetty Jetty 5.1.15
Jetty Jetty 7.0.0.M2
Jetty Jetty 6.1.6
Jetty Jetty 6.1.5
Jetty Jetty 6.1.4
Jetty Jetty 6.1.3
Jetty Jetty 6.1.2
Jetty Jetty 6.1.1
Jetty Jetty 6.1.0pre3
Jetty Jetty 6.1.0pre2
I2P I2P 0.7.10
I2P I2P 0.7.6
HP Insight Orchestration 6.0
Not Vulnerable: Jetty Jetty 6.1.17
I2P I2P 0.7.11
HP Insight Orchestration 6.1


 

Privacy Statement
Copyright 2010, SecurityFocus