Vigil@nce: Sun Glassfish Enterprise Server, Cross Site Scripting
May 2009 by Vigil@nce
Several Cross Site Scripting can be used by an attacker to execute
JavaScript code in the context of Sun Glassfish Enterprise Server.
– Severity: 2/4
– Consequences: client access/rights
– Provenance: document
– Means of attack: 3 attacks
– Ability of attacker: beginner (1/4)
– Confidence: multiples sources (3/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Number of vulnerabilities in this bulletin: 3
– Creation date: 06/05/2009
IMPACTED PRODUCTS
– Sun GlassFish Enterprise Server
DESCRIPTION OF THE VULNERABILITY
Several Cross Site Scripting can be used by an attacker to execute
JavaScript code in the context of Sun Glassfish Enterprise Server.
The /applications/applications.jsf, /configuration/configuration.jsf,
/customMBeans/customMBeans.jsf, /resourceNode/resources.jsf,
/sysnet/registration.jsf and /webService/webServicesGeneral.jsf
page do not filter the query in the url before displaying it in
the HTML page. [grav:2/4; CVE-2009-1553, DSECRG-09-034]
The /configuration/auditModuleEdit.jsf, /configuration/httpListenerEdit.jsf
and /resourceNode/jdbcResourceEdit.jsf page do not filter the
"name" parameter in the url before displaying it in the HTML page.
[grav:2/4; CVE-2009-1553, DSECRG-09-034]
The Sun Glassfish Woodstock (User Interface Components) project
runs with Sun Glassfish Woodstock Project. An attacker can use a
UTF-7 encoding to inject JavaScript code in the 404 error page of
Woodstock. [grav:2/4; CVE-2009-1554, DSECRG-09-038]
CHARACTERISTICS
– Identifiers: BID-34824, CVE-2009-1553, CVE-2009-1554,
DSECRG-09-034, DSECRG-09-038, VIGILANCE-VUL-8693
– Url: http://vigilance.fr/vulnerability/Sun-Glassfish-Enterprise-Server-Cross-Site-Scripting-8693