« Sun xVM VirtualBox: Open... | Main | Google Web Toolkit 1.5... »

Vulnerability detected in Sun Java System Web Server for causing cross-site scripting attacks

Filed in archive Security by gautam on May 27, 2008

There are chances of cross site scripting attacks as vulnerability has been reported in Sun Java System Web Server. The vulnerability has been found out in case of Sun Java System Web Server 6.1 and 7.0. In this case unspecified inputs passed to the advanced search functionality may not be sanitized before being returned to the user and it could be exploited for execution of arbitrary HTML and script code in the browser session of affected site. You can download the patches out here.

Permalink: Vulnerability detected in Sun Java System Web Server for causing cross-site scripting attacks
Tags: Cross Site Scripting Attacks Sun Java System Web Server java java+system

Trackback: http://www.creative-weblogging.com/cgi-bin/mt-tb.pl/124746

Vulnerability reported in Java System Directory Server - 03 April 2007

Vulnerability reported in Sun Java System Application Server - 26 July 2007

Redirect vulnerability reported in Sun Java System Web... - 03 August 2007

Vote for Vulnerability detected in Sun Java System Web Server for causing cross-site scripting attacks:

Currently 6.00/10
1
2
3
4
5
6
7
8
9
10

Rating: 6.0 out of 3 vote(s) cast.

CW Toolbar
RSS	\| See all blog subscribe options
Google	\| What is RSS?
Yahoo!
Addthis
Bloglines
Newsletter

Advertisement - Book yours here.

Check out our Sponsored Blogs!
The Mobile Technology Weblog
latest news from

jQuery.com redesigned with a Rock Star

GWT 1.5 final release is shipped and out the door

qooxdoo 0.8: new GUI toolkit and tool chain

Degrading script tags for fun and profit

The Ajax Experience Framework Summit

Inkscape: Open Source Drawing for SVG

The State of SVG Browser Support + Using Flash for SVG in Internet Explorer

In Praise of Evolvable Systems

GALGWT 1.0… it isn’t a land next to Mordor

Internet Explorer 8 Beta 2 and Web Standards

YouTube Uploader now using Gears, and what people missed in Gears 0.4

Proxy issues with querystrings in path names

Towards Using Custom Fonts

Ubiquity: Quicksilver of the Firefox browser

Using CSS to do the print watermark technique

jParallax Turns Elements into a Viewport

navigator.geolocation: Using the W3C Geolocation API today

Firebug 1.2: The final release is out there

Understanding context in your New Tab

Want a Free Pass to The Ajax Experience?

Get the Newsletter

Browser Plug-ins
Client-side Frameworks
Interaction Design/
Graphic Design/User Experience
JavaScript
Programming Techniques
Security
Server-side Frameworks

Advertisement -
Book yours here..

Our Editors recommend
Ajaxian
Bokardo
Bruce Eckel's Weblog
Daniweb
Java Posse
Joel on Software
Martin Fowler's Bliki
Mashable
Rick Hightower's Sleepless Night in Tucson
Service-Oriented Architecture
TechCrunch
techno.blog ("Dion")
Tinou's Work Blog
Tor Norbye's Weblog

Contributors (Last 90 days)
Gautam Chhabra (34)
This site has 631 entries and is powered by Creative Weblogging since September 2005.
Do you want to start or edit an existing blog for us and get paid? More info.
Do you want to advertise on this blog? We have great ideas!
Do you have tips for us? Send them!

Discover Java Entrepreneur on your cell phone! Simply type the URL of your favorite blog in your mobile browser.

Advertise with us
Learn more about our advertising options, visit our shop or give Sonja a call at +1 (650) 331 8047.
NEW you can also chat with us.

Security Cameras
Would you like to have a new interactive marketing channel for your company? Learn more about Sponsored Blogs with Creative Weblogging. See how we helped istockphoto.com and others.
Do you have a blog with more than 50k page views from the US? Let us market your blog.

Advertisement
Book yours here.

Testimonials
'Great looking blog. Good quality posts with useful information.'

Other blogs in the same channel in the Creative Weblogging Network

Advertisement -
Book yours here..

Disclaimer
Some of the contents of this site are protected Creative Weblogging Ltd. 2004-2008.

Advertisement - Book yours here..

Add your response to Vulnerability detected in Sun Java System Web Server for causing cross-site scripting attacks:
Name: *	Email: (will never be shown)*	URL:

(* marked fields are required)
Notify me if more comments appear?	Subscribe to Java Entrepreneur newsletter? (Newsletters are sent out weekly).	Remember me
Security Code: * (Please help us to sort out spam.)

Please enter your comment here: (Sorry, no HTML is allowed - URLs will be made clickable automatically if you add http:// to your URL.)


We welcome your comments, however all comments are moderated. Offensive or off-topic comments will be deleted and not displayed.

Tell a friend about Vulnerability detected in Sun Java System Web Server for causing cross-site scripting attacks
Recipient email:*	Your email:*

(* Both email addresses are required for sending this article. They will never be shown or used for any marketing purposes)
Please enter a message which will be shown together with the article:

Security Code: (Please help us to sort out spam.)

Vulnerability detected in Sun Java System Web Server for causing cross-site scripting attacks

Filed in archive Security by gautam on May 27, 2008

Related Entries:

Vote for Vulnerability detected in Sun Java System Web Server for causing cross-site scripting attacks:

Add your response to Vulnerability detected in Sun Java System Web Server for causing cross-site scripting attacks:

Tell a friend about Vulnerability detected in Sun Java System Web Server for causing cross-site scripting attacks

Check out our Sponsored Blogs!

latest news from

Our Editors recommend

Contributors (Last 90 days)

Categories

Archives

Advertise with us

Most popular

Testimonials

Recent Comments

Other blogs in the same channel in the Creative Weblogging Network

Technology

Disclaimer

Find more recent entries from our other publications:

BlogWealth

The CIO Weblog

P2P File Sharing

HackITLinux

Nanotechbuzz

The VoIP Weblog