Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2518

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-2518
Last Modified 07 Mar 2011 10:09:18
Published 03 Jun 2008 10:32:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2518

Summary

Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the next parameter.

Vulnerable Systems

Application

  • Sun Java System Web Server 6.1

  • Sun Java System Web Server 7.0


References

SUNALERT - 236481

XF - javasystem-advancedsearch-xss(42624)

VUPEN - ADV-2008-1649

SECTRACK - 1020110

BID - 29355

SECUNIA - 30381


Last Updated: 27 May 2016 10:47:54