Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1285

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-1285
Last Modified 07 Mar 2011 10:06:27
Published 11 Mar 2008 01:44:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1285

Summary

Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF) 1.2 before 1.2_08 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Vulnerable Systems

Application

  • Sun Jsf 1.2 07


References

SUNALERT - 233561

CONFIRM - https://jira.jboss.org/jira/browse/JBPAPP-682

CONFIRM - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=437082

VUPEN - ADV-2008-0808

SECTRACK - 1020628

BID - 28192

CONFIRM - http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.3.0.cp01/html-single/readme/

CONFIRM - http://www.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/4.2.0.cp03/html-single/readme/index.html

REDHAT - RHSA-2008:0828

REDHAT - RHSA-2008:0827

REDHAT - RHSA-2008:0826

REDHAT - RHSA-2008:0825

SECUNIA - 29327


Last Updated: 27 May 2016 10:47:06