Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to Sun Microsystems, Inc. - Sun Java System Web Proxy Server

jvndb-2007-000823

Vulnerability from jvndb

Published

2008-05-21 00:00

Modified

2008-05-21 00:00

Severity ?

() - -

Summary

Cross-site scripting in Sun Java System Web Server and Sun Java System Web Proxy Server

Details

Sun Java System Web Server and Sun Java System Web Proxy Server are vulnerable to cross-site scripting. Sun Java System Web Server and Sun Java System Web Proxy Server, which are both web servers, provide a function for a user to view access logs and other records in a web browser. This function is vulnerable to cross-site scripting.

References

►

Type

URL

	JVN	http://jvn.jp/en/jp/JVN89292430/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6569
	NVD	http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6569
	SECUNIA	http://secunia.com/advisories/28216/
	SECUNIA	http://secunia.com/advisories/28186
	BID	http://www.securityfocus.com/bid/26978
	FRSIRT	http://www.frsirt.com/english/advisories/2007/4313
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

►

Vendor

Product

	Sun Microsystems, Inc.	Sun Java System Web Proxy Server
	Sun Microsystems, Inc.	Sun Java System Web Server

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000823.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "Sun Java System Web Server and Sun Java System Web Proxy Server are vulnerable to cross-site scripting.\r\n\r\nSun Java System Web Server and Sun Java System Web Proxy Server, which are both web servers, provide a function for a user to view access logs and other records in a web browser. This function is vulnerable to cross-site scripting.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000823.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:sun:java_system_web_proxy_server",
      "@product": "Sun Java System Web Proxy Server",
      "@vendor": "Sun Microsystems, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:sun:java_system_web_server",
      "@product": "Sun Java System Web Server",
      "@vendor": "Sun Microsystems, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000823",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN89292430/index.html",
      "@id": "JVN#89292430",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6569",
      "@id": "CVE-2007-6569",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6569",
      "@id": "CVE-2007-6569",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/28216/",
      "@id": "SA28216",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://secunia.com/advisories/28186",
      "@id": "SA28186",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/26978",
      "@id": "26978",
      "@source": "BID"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/4313",
      "@id": "FrSIRT/ADV-2007-4313",
      "@source": "FRSIRT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "Cross-site scripting in Sun Java System Web Server and Sun Java System Web Proxy Server"
}