« Sun Alert 102921 A... | Main | Sun Alert 102932... »
30 May 2007 Sun Alert 102909 Cross-site Scripting Vulnerability in Sun Java System Messaging Server
posted by security in Alerts
Product: Sun Java System Messaging Server 6.0, Sun Java System Messaging Server 6.3

A Cross Site Scripting (CSS or XSS) vulnerability in the Sun Java System Messaging Server may allow an unprivileged remote user the ability to execute arbitrary JavaScript commands in a client user's Internet Explorer web browser. This may allow the remote user to steal cookie information, hijack sessions, or cause a loss of data privacy.

Additional information about cross-site scripting and web script vulnerabilities can be found at the following URLs:

Avoidance: Patch
State: Resolved
First released: 23-May-2007
Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102909-1
Permalink | Comments [1]
Trackback URL: http://blogs.sun.com/security/entry/sun_alert_102909_cross_site
Comments:

Fixed in versions:
6.2-9.02 125813,125814-02,125815-02
6.3-1.02 120228,120229-18,120230-18

Posted by Fred Batty on September 12, 2007 at 12:39 PM PDT #

Post a Comment:

Name:
E-Mail:
URL:

Your Comment:

HTML Syntax: NOT allowed

« Sun Alert 102921 A... | Main | Sun Alert 102932... »

Sun Certified Security Administrator

Download Solaris
Patches and Updates
Download Solaris Security Toolkit

« November 2009
SunMonTueWedThuFriSat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
     
       
Today


Company Info   |   Contact   |   Terms of Use   |   Privacy   |   Trademarks   |   Copyright 2008 Sun Microsystems, Inc.