« Solaris not impacted... | Main | Sun Alert 262668... »
29 Jun 2009 Sun Alert 256568 Cross-Site Scripting (XSS) Security Vulnerability in the Sun Java System Access Manager Cross-Domain Controller (CDC)
posted by chandan in Alerts
Product: Sun Java System Access Manager

A cross-site scripting (XSS) vulnerability in the Sun Java System Access Manager Cross-Domain Controller (CDC) may allow an unprivileged remote user to inject code into web pages served by the Access Manager CDC which can result in various impacts including the theft of sensitive information such as cookie information, access to user credentials, or the hijacking of sessions.

The Cross-Domain Controller (CDC) is a servlet that communicates with policy agents outside its own domain, and then checks for a user's Single Sign-On (SSO) information.

State: Resolved
First released: 29-Jun-2009
Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-256568-1
Permalink |
Comments:

Post a Comment:

Comments are closed for this entry.

« Solaris not impacted... | Main | Sun Alert 262668... »

Sun Certified Security Administrator

Download Solaris
Patches and Updates
Download Solaris Security Toolkit

« February 2010
SunMonTueWedThuFriSat
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
      
       
Today


Company Info   |   Contact   |   Terms of Use   |   Privacy   |   Trademarks   |   Copyright 2010, Oracle Corporation and/or its affiliates