Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerability

vulnerability note CVE-2009-2283

Sun Java Web Console: Cross Site Scripting

Synthesis of the vulnerability

An attacker can generate a Cross Site Scripting in Sun Java Web Console in order to execute JavaScript code with privileges of the administrator connected to the web site.
Severity: 2/4.
Creation date: 29/06/2009.

Impacted products

Description of the vulnerability

The Sun Java Web Console is used to administer Sun applications via a web browser.

A Cross Site Scripting was announced in Sun Java Web Console. Technical details are unknown.

An attacker can therefore generate a Cross Site Scripting in Sun Java Web Console in order to execute JavaScript code with privileges of the administrator connected to the web site.

Share this bulletin

Delicious Digg Facebook Google bookmarks LinkedIn Mail Reddit StumbleUpon Technorati Twitter Yahoo 

Complete Vigil@nce bulletin

Sun Java Web Console: Cross Site Scripting

Characteristics

Title: Sun Java Web Console: Cross Site Scripting.
Keywords: Console Cross Java JavaScript Scripting Site Sun Web.
Identifiers: 262428, 6763558, BID-35513, CVE-2009-2283, VIGILANCE-VUL-8829.

Information sources

Publications and announces
Source example: Cross-site Scripting (XSS) Security Vulnerability in Sun Java Web Console May Allow Execution of Arbitrary Code

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

Vigil@nce provides a network vulnerability announce. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.



















Copyright 1999-2012 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française