« Sun Alert 102733... | Main | Solaris in.telnetd... »
28 Feb 2007 Sun Alert 102621 Cross-site Scripting Vulnerability in Sun Java System Access Manager
posted by security in Alerts
Product: Sun Java System Access Manager 6 2005Q1, Sun Java System Access Manager 7 2005Q4

A Cross Site Scripting (CSS or XSS) vulnerability in the Sun Java System Access Server may allow an unprivileged remote user to steal cookie information, hijack sessions, or cause a loss of data privacy between a client and the server.

Additional information about cross-site scripting and web script vulnerabilities can be found at the following URLs:

http://www.cert.org/archive/pdf/cross_site_scripting.pdf

http://www.cert.org/tech_tips/malicious_code_FAQ.html

http://www.cert.org/advisories/CA-2000-02.html

Avoidance: Patch
State: Resolved
First released: 29-Jan-2007
Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102621-1
Permalink | Comments [0]
Trackback URL: http://blogs.sun.com/security/entry/sun_alert_102621_cross_site
Comments:

Post a Comment:

Name:
E-Mail:
URL:

Your Comment:

HTML Syntax: NOT allowed

« Sun Alert 102733... | Main | Solaris in.telnetd... »

Sun Certified Security Administrator

Download Solaris
Patches and Updates
Download Solaris Security Toolkit

« November 2009
SunMonTueWedThuFriSat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
     
       
Today


Company Info   |   Contact   |   Terms of Use   |   Privacy   |   Trademarks   |   Copyright 2008 Sun Microsystems, Inc.