vulnerability note CVE-2009-2283

Sun Java Web Console: Cross Site Scripting

Synthesis of the vulnerability

An attacker can generate a Cross Site Scripting in Sun Java Web Console in order to execute JavaScript code with privileges of the administrator connected to the web site.

Severity: 2/4. Creation date: 29/06/2009.

Description of the vulnerability

The Sun Java Web Console is used to administer Sun applications via a web browser. A Cross Site Scripting was announced in Sun Java Web Console. Technical details are unknown. An attacker can therefore generate a Cross Site Scripting in Sun Java Web Console in order to execute JavaScript code with privileges of the administrator connected to the web site.

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: Sun Java Web Console: Cross Site Scripting. Keywords: Console Cross Java JavaScript Scripting Site Sun Web. Identifiers: 262428, 6763558, BID-35513, CVE-2009-2283, VIGILANCE-VUL-8829.

Information sources

Publications and announces Source example: Cross-site Scripting (XSS) Security Vulnerability in Sun Java Web Console May Allow Execution of Arbitrary Code

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer applications vulnerability