Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6570

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-6570
Last Modified 07 Mar 2011 10:03:12
Published 28 Dec 2007 04:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6570

Summary

Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309.

Vulnerable Systems

Application

  • Sun Java System Web Proxy Server 3.6

  • Sun Java System Web Proxy Server 4.0

  • Sun Java System Web Proxy Server 4.0.2

  • Sun Java System Web Proxy Server 4.0.3

  • Sun Java System Web Proxy Server 4.0.4

  • Sun Java System Web Proxy Server 4.0.5

  • Sun Java System Web Server 6.0

  • Sun Java System Web Server 6.1

  • Sun Java System Web Server 7.0


References

BID - 26978

SECUNIA - 28186

XF - javasystem-proxy-viewurl-xss(43976)

VUPEN - ADV-2007-4313

SUNALERT - 103002

OSVDB - 40851

CONFIRM - http://docs.sun.com/source/820-3637-10/relnotes36sp11_unix.html#wp19247

CONFIRM - http://docs.sun.com/app/docs/doc/820-2499/aeaaa?a=view

SECUNIA - 28216


Last Updated: 27 May 2016 10:46:32