TITLE:
Sun ONE/Java System Web Server Cross-Site Scripting Vulnerability
SECUNIA ADVISORY ID:
SA20147
VERIFY ADVISORY:
http://secunia.com/advisories/20147/
CRITICAL:
Less critical
IMPACT:
Cross Site Scripting
WHERE:
From remote
SOFTWARE:
Sun Java System Application Server (Sun ONE) 7.x
http://secunia.com/product/1534/
Sun Java System Web Server (Sun ONE/iPlanet) 6.x
http://secunia.com/product/92/
DESCRIPTION:
Keigo Yamazaki has reported a vulnerability in Sun ONE and Sun Java
System Web Server, which can be exploited by malicious people to
conduct cross-site scripting attacks.
Input containing a " (Double quote) character in the URL is not
properly sanitised before being returned to users in error pages.
This can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of a vulnerable site.
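The flaw described above is a reflected value landing inside an HTML attribute without its double quotes being encoded. The following is an added illustration, not code from Secunia, Sun or LAC: it contrasts an unescaped error page with an escaped one, and runs a simple detection check over constructed access-log lines (the hostnames, paths and log lines are made up).

```python
"""Added example (not Secunia's or Sun's code): an unescaped double quote in a
reflected URL breaks out of an HTML attribute in an error page; escaping fixes it."""
import html
import re
from urllib.parse import unquote


def error_page_unsafe(requested_path: str) -> str:
    """Mimics the flawed behaviour: the requested path is reflected verbatim
    into an attribute, so a '"' in the URL ends the attribute early."""
    return f'<p>Not found: <a href="{requested_path}">{requested_path}</a></p>'


def error_page_safe(requested_path: str) -> str:
    """Hardened variant: html.escape(quote=True) turns '"' into &quot; (and
    <, >, & into entities), so the reflected path stays inside the attribute."""
    esc = html.escape(requested_path, quote=True)
    return f'<p>Not found: <a href="{esc}">{esc}</a></p>'


def attribute_breakout(page: str) -> bool:
    """Check: a well-formed <a ...> tag here carries exactly two raw double
    quotes (around href); any other count means the attribute was broken out of."""
    m = re.search(r"<a ([^>]*)>", page)
    return m is not None and m.group(1).count('"') != 2


# Constructed access-log lines (not real traffic), common log format.
SAMPLE_LOG = """\
10.0.0.5 - - [18/May/2006:10:01:02 +0000] "GET /index.html HTTP/1.0" 200 512
10.0.0.7 - - [18/May/2006:10:01:09 +0000] "GET /docs/%22report%22 HTTP/1.0" 404 311
10.0.0.9 - - [18/May/2006:10:02:44 +0000] "GET /images/logo.gif HTTP/1.0" 200 2048
"""


def suspicious_requests(log_text: str) -> list:
    """Detection aid: return request paths that carry a double quote (raw or
    percent-encoded, as browsers send it) and drew an error response (4xx/5xx),
    i.e. requests that would have reached the affected error page."""
    pat = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')
    hits = []
    for line in log_text.splitlines():
        m = pat.search(line)
        if not m:
            continue
        path, status = unquote(m.group(1)), int(m.group(2))
        if '"' in path and status >= 400:
            hits.append(path)
    return hits
```

Running `attribute_breakout` on both page variants for the path `/docs/"report"` shows the unsafe page broken and the escaped page intact; `suspicious_requests(SAMPLE_LOG)` flags only the 404 request carrying `%22`.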
The vulnerability has been reported in the following versions:
SOLUTION:
Apply Service Pack or updates.
Sun ONE Web Server 6.0:
Apply Service Pack 10 or later.
http://www.sun.com/download/products.xml?id=43a84f89
Sun Java System Web Server 6.1:
Apply Service Pack 5 or later.
http://www.sun.com/download/products.xml?id=434aec1d
(International version at
http://www.sun.com/download/products.xml?id=43c43041)
Sun ONE Application Server 7 Platform Edition:
Apply Update 7 or later.
http://www.sun.com/download/products.xml?id=42ae3178
Sun ONE Application Server 7 Standard Edition:
Apply Update 7 or later.
http://www.sun.com/download/products.xml?id=42ae317c
Sun Java System Application Server 7 2004Q2 Standard Edition:
Apply Update 3 or later.
http://www.sun.com/download/products.xml?id=427fe06d
Sun Java System Application Server 7 2004Q2 Enterprise Edition:
Apply Update 3 or later.
http://javashoplm.sun.com/ECom/docs/Welcome.jsp?StoreId=8&PartDetailId=SJAS72004Q2U3-EE-OTH-G-ES
PROVIDED AND/OR DISCOVERED BY:
Keigo Yamazaki, LAC
ORIGINAL ADVISORY:
Sun Microsystems:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102164-1
LAC:
http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/87_e.html
About:
This advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.