Vigil@nce: Sun AS, GlassFish, Cross Site Scripting
May 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can generate two Cross Site Scripting in Sun GlassFish
Enterprise Server and Sun Java System Application Server.
Severity: 2/4
Consequences: client access/rights
Provenance: internet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 2
Creation date: 12/05/2009
IMPACTED PRODUCTS
– Sun GlassFish Enterprise Server
– Sun Java System Application Server
DESCRIPTION OF THE VULNERABILITY
An attacker can generate two Cross Site Scripting in Sun GlassFish
Enterprise Server and Sun Java System Application Server.
The SailFin project uses the SIP protocol and the implementation
of javax.servlet.sip (glassfish/comms/admin/gui/extensions/docroot/sip/...).
However, the getRequestValue() method is not used to obtain GET
parameters in several files under extensions/docroot/sip.
[grav:2/4; 6820994]
A Cross Site Scripting with an unknown origin was also announced.
[grav:2/4; 6717148]
An attacker can therefore execute JavaScript code in the context
of the website.
CHARACTERISTICS
Identifiers: 258528, 6717148, 6820994, BID-34914,
VIGILANCE-VUL-8708
http://vigilance.fr/vulnerability/Sun-AS-GlassFish-Cross-Site-Scripting-8708