« CommunityOne Secure... | Main | Sun Alert 260508 A... »
03 Jun 2009 Sun Alert 258528 Multiple Security Vulnerabilities in Sun GlassFish Enterprise Server 2.1 (formerly Sun Java System Application Server 9.1UR2) May Lead to a Denial of Service (DoS) Condition or Execution of JavaScript Code
posted by chandan in Alerts
Product: Sun GlassFish Enterprise Server 2.1

Multiple security vulnerabilities in the HTTP Engine and the Administration Interface of the Sun GlassFish Enterprise Server may:

  1. Allow a remote unprivileged user to execute JavaScript within an authenticated user's browser session. These vulnerabilities may lead to various impacts, including theft of sensitive information (such as cookie information), access to user credentials, or the hijacking of sessions.

  2. Allow a local privileged user to consume excessive system resources, thereby leading to Denial of Service (DoS) to the system as a whole.

Sun acknowledges with thanks, Digital Security Research Group for bringing the issue described in Bug 6820994 to our attention.


State: Resolved
First released: 11-May-2009
Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-258528-1
Permalink |
Comments:

Post a Comment:

Comments are closed for this entry.

« CommunityOne Secure... | Main | Sun Alert 260508 A... »

Sun Certified Security Administrator

Download Solaris
Patches and Updates
Download Solaris Security Toolkit

« November 2009
SunMonTueWedThuFriSat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
     
       
Today


Company Info   |   Contact   |   Terms of Use   |   Privacy   |   Trademarks   |   Copyright 2008 Sun Microsystems, Inc.