Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0413

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2003-0413
Last Modified 25 May 2010 12:18:48
Published 30 Jun 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-0413

Summary

Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file" error, which inserts the text in the resulting error message.

Vulnerable Systems

Application

  • Sun One Application Server 7.0


References

BID - 7710

XF - sunone-http-error-xss(12095)

CIAC - N-103

SUNALERT - 55221

MISC - http://www.spidynamics.com/sunone_alert.html

SUNALERT - 1000610

SUNALERT - 201009

SUNALERT - 57605

BUGTRAQ - 20030526 Multiple Vulnerabilities in Sun-One Application Server


Last Updated: 27 May 2016 10:37:54