Freely subscribe to our NEWSLETTER

– Severity: 2/4
– Consequences: client access/rights
– Provenance: document
– Means of attack: 3 attacks
– Ability of attacker: beginner (1/4)
– Confidence: multiples sources (3/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Number of vulnerabilities in this bulletin: 3
– Creation date: 06/05/2009

IMPACTED PRODUCTS

– Sun GlassFish Enterprise Server

DESCRIPTION OF THE VULNERABILITY

Several Cross Site Scripting can be used by an attacker to execute
JavaScript code in the context of Sun Glassfish Enterprise Server.

The /applications/applications.jsf, /configuration/configuration.jsf,
/customMBeans/customMBeans.jsf, /resourceNode/resources.jsf,
/sysnet/registration.jsf and /webService/webServicesGeneral.jsf
page do not filter the query in the url before displaying it in
the HTML page. [grav:2/4; CVE-2009-1553, DSECRG-09-034]

The /configuration/auditModuleEdit.jsf, /configuration/httpListenerEdit.jsf
and /resourceNode/jdbcResourceEdit.jsf page do not filter the
"name" parameter in the url before displaying it in the HTML page.
[grav:2/4; CVE-2009-1553, DSECRG-09-034]

The Sun Glassfish Woodstock (User Interface Components) project
runs with Sun Glassfish Woodstock Project. An attacker can use a
UTF-7 encoding to inject JavaScript code in the 404 error page of
Woodstock. [grav:2/4; CVE-2009-1554, DSECRG-09-038]

CHARACTERISTICS

– Identifiers: BID-34824, CVE-2009-1553, CVE-2009-1554,
DSECRG-09-034, DSECRG-09-038, VIGILANCE-VUL-8693
– Url: http://vigilance.fr/vulnerability/Sun-Glassfish-Enterprise-Server-Cross-Site-Scripting-8693